Re: Are you ready for RPKI in your BGP?

[Arturo Servin <arturo.servin () gmail com>]

        There are some pieces in the RPKI puzzle.

        One is the definitions of protocols, that one is very advanced in the SIDR WG in the IETF. Not RFCs yet but I 
am sure we will se some soon.

        Another piece are repositories of CA's and ROAs and Trust Anchors. RIRs have they implementations or you could 
create your own if you want to keep your private keys.

        IMHO one piece missing (not the only one, but one important in this stage) is RTR (RPKI/Router Protocol) 
working in routers. May be is too soon to see it in production routers but I am only aware of one big vendor with 
testing code. Also open-source implementations (Quagga, Xorp, Bird, etc.) are not actively (or at all) working in RPKI, 
I would imagine that one first step for many operators is to test RPKI with these implementations.


Regards,
-as


On 9 Dec 2010, at 06:37, nanog-request () nanog org wrote:

> Date: Wed, 8 Dec 2010 22:56:08 -0500
> From: Jared Mauch <jared () puck nether net>
> Subject: Are you ready for RPKI in your BGP?
> To: North American Network Operators Group <nanog () nanog org>
> Message-ID: <15FF52BA-388A-48E8-BDDE-A151E694E9AC () puck nether net>
> Content-Type: text/plain; charset=us-ascii
>
> Are you ready for RPKI in your network?
>
> While there's some dubious hyperbole in the article, the work that has been undertaken in SIDR wg re: RPKI is moving 
> along.  
>
> http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/news/2010/120710-chinese-internet-traffic-fix.html&pagename=/news/2010/120710-chinese-internet-traffic-fix.html&pageurl=http://www.networkworld.com/news/2010/120710-chinese-internet-traffic-fix.html&site=printpage&nsdr=n
>
> For those of you preparing to assign 2011 goals to your employees, or something to self-assign, this should be in the 
> top-5 or top-10 if you configure routers for BGP.
>
> - Jared