RPKI deployment - ISPs must act.
This discussion thread was locked as off-topic by eppur_se_muova (a host of the Science group).
A couple years back, there was an attack on the Internet; a BGP leak. For a few minutes, internet traffic was rerouted through nodes that advertised BGP routes that were not their own. (Read more about an actual attack here: https://blog.cloudflare.com/bgp-leaks-and-crypto-currencies/ )
Normally, these sort of "attacks" are attributed to human error. Fat-fingering a command on a core internet router taking down chunks of the Internet is pretty scary, but it has happened (and will probably happen again).
However, there's a technology that can prevent these sort of leaks in the future. RPKI implements private key infrastructure (you know, the 'S' part of HTTPS) for BGP. It's pretty simple, an ISP generates their private/public keypair. Adds their key set to their router, and then sends over the public key to their regional internet registry.
It really just requires more providers only trusting BGP advertisements from those with signed messages.
ARIN's not government regulated, but US law could force ISPs to implement this standard here in America. Disregarding non-signed advertisements would force other nations (and ISPs) to adopt similar measures.
Thoughts/concerns/comments?