Friendly forums for passionate Dems!
More than 91 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»Culture Forums»Science»RPKI deployment - ISPs mu...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Science

Related: About this forum
 

gredinger

(86 posts) Sat Feb 29, 2020, 12:51 PM Feb 2020

RPKI deployment - ISPs must act.

This discussion thread was locked as off-topic by eppur_se_muova (a host of the Science group).

A couple years back, there was an attack on the Internet; a BGP leak. For a few minutes, internet traffic was rerouted through nodes that advertised BGP routes that were not their own. (Read more about an actual attack here: https://blog.cloudflare.com/bgp-leaks-and-crypto-currencies/ )

Normally, these sort of "attacks" are attributed to human error. Fat-fingering a command on a core internet router taking down chunks of the Internet is pretty scary, but it has happened (and will probably happen again).

However, there's a technology that can prevent these sort of leaks in the future. RPKI implements private key infrastructure (you know, the 'S' part of HTTPS) for BGP. It's pretty simple, an ISP generates their private/public keypair. Adds their key set to their router, and then sends over the public key to their regional internet registry.

It really just requires more providers only trusting BGP advertisements from those with signed messages.

ARIN's not government regulated, but US law could force ISPs to implement this standard here in America. Disregarding non-signed advertisements would force other nations (and ISPs) to adopt similar measures.

Thoughts/concerns/comments?

InfoView thread info, including edit history TrashPut this thread in your Trash Can (My DU » Trash Can) BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks) 1 replies, 1124 views
ShareGet links to this post and/or share on social media AlertAlert this post for a rule violation PowersThere are no powers you can use on this post Cannot edit, recommend, or reply in locked discussions
1 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
RPKI deployment - ISPs must act. (Original Post) gredinger Feb 2020 OP
Not really a Science thread -- try Website, DB, & Software Developers (Group) nt eppur_se_muova Feb 2020 #1

eppur_se_muova

(36,299 posts)
1. Not really a Science thread -- try Website, DB, & Software Developers (Group) nt
Reply to gredinger (Original post)
Sat Feb 29, 2020, 11:19 PM
Feb 2020
TopBack to the top of the page AlertAlert this post for a rule violation ShareGet links to this post PowersThere are no powers you can use on this post
  Cannot edit, recommend, or reply in locked discussions
Latest Discussions»Culture Forums»Science»RPKI deployment - ISPs mu...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2024 Democratic Underground, LLC. Thank you for visiting.