We would like to provide you with a better user experience. Please re-enable Javascript in your web browser.
The RIPE community held a meeting in November. Like most community meetings in these Covid-blighted times it was a virtual meeting. Here’s my notes from a few presentations that piqued my interest. All the material presented at the meeting can be found at https://ripe83.ripe.net/. Vulnerability Disclosure Responsible Disclosure is a…
The network operations community is cautiously heading back into a mode of in person meetings and the NANOG meeting at the start of November was a hybrid affair with a mix of in-person and virtual participation, both by the presenters and the attendees. I was one of the virtual mob,…
It has often been said of technology standards that the good thing is that there are just so many to pick from! The same is true, to perhaps a more limited extent, in the world of cryptography. The choices may not be quite so diverse, but there are still many…
Am I really talking to you? In a networked world that’s an important question. For example, where I’m located, when I look up the DNS name www.google.com I get the IPv6 address 2404:6800:4006:813::2004. This implies that when I send an IPv6 packet to this destination address I will reach a…
The Border Gateway Protocol (BGP) is the Internet’s inter-domain routing protocol, and after some thirty years of operation BGP is now one of the more venerable of the Internet’s protocols. One of the major ongoing concerns related to BGP is its lack of effective security measures, and as a result…
The Border Gateway Protocol (BGP) is the Internet’s inter-domain routing protocol, and after some thirty years of operation is now one of the more venerable of the Internet’s core” protocols. One of the major ongoing concerns related to BGP is its lack of effective security measures, and as a result…
There are a number of parts to the current framework that we’re using to improve routing security on the Internet. Prefix holders should generate validly signed Route Origination Attestations (ROAs) and have them published, Network operators should maintain a current local cache of these signed objects and use then to…
As the pandemic continues, the network operational community continues to meet online. NANOG held its 81st meeting on February 8 and 9, and these are my notes from some of the presentations at that meeting. A Brief History of Router Architecture Ethernet, developed in 1973 at Xerox PARC, was a…
Over the past few months I’ve had the opportunity at various network operator meetings to talk about BGP routing security and also highlight a measurement page we’ve set up that measures the extent to which Route Origin Validation (RoV) is actually “protecting” users (https://stats.labs.apnic.net/rpki). By this I mean we’re measuring…
I’ve been asked a number of times: “Why are we using as distributed trust framework where each of the RIRs are publishing a trust anchor that claims the entire Internet number space?” I suspect that the question will arise again the future so it may be useful to record the…
