Hi all,
It might be the case that the vulnerability is in the realm of disagreement with some design choices of the past, rather than a traditional CVE hole in one or more software packages.
I'd certainly hope that it isn't that you can just spoof the valid origin AS...
I recently had someone come to me with this *shocking* discovery and ask about how to disclose it. This was the same person who alerted me to the also *shocking* discovery that longest-match wins, and so just twiddling local-pref doesn't save you.
W
I found the following paper which touches upon the “assumed trust” aspect of RPKI in the relationship between Relaying Party and Trust Anchor(s).
I’m very interested in discussion about cross-signing schemes.
Job
--
To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/routing-wg