RPKI Validator 3: RIS dump downloads - still plain HTTP
Hi, back in September I opened an issue on github [1] about RPKI Validator 3 fetching RIS dumps via plain HTTP connections, two weeks ago the issue got closed. First I was glad since I assumed the issue got closed because it is fixed but then I noticed that the issue still persists in rpki-validator-3.0-377 so I'm wondering why the issue got closed? thanks, nusenu [1] https://github.com/RIPE-NCC/rpki-validator-3/issues/50 -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
Hi nusenu, First of all, my apologies that the issue you raised fell a bit through the cracks and it took so long to get resolved. We do see the importance to offer RIS dumps through HTTPS and to configure our RPKI validator to fetch the RIS dumps via HTTPS. At the moment the RIS team is working on making HTTPS available and as soon as this is done (they told me it will happen soon), we will make the change to the validator. Overall, we need a few more weeks for this, but we will reply here as well as soon as it is done. We will open the issue again and only close it when it is resolved. Thanks, Nathalie Trenaman Routing Security Programme Manager RIPE NCC
Op 12 feb. 2019, om 23:28 heeft nusenu <nusenu-lists@riseup.net> het volgende geschreven:
Hi,
back in September I opened an issue on github [1] about RPKI Validator 3 fetching RIS dumps via plain HTTP connections, two weeks ago the issue got closed.
First I was glad since I assumed the issue got closed because it is fixed but then I noticed that the issue still persists in rpki-validator-3.0-377 so I'm wondering why the issue got closed?
thanks, nusenu
[1] https://github.com/RIPE-NCC/rpki-validator-3/issues/50
-- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
Nathalie Trenaman:
Hi nusenu,
First of all, my apologies that the issue you raised fell a bit through the cracks and it took so long to get resolved. We do see the importance to offer RIS dumps through HTTPS and to configure our RPKI validator to fetch the RIS dumps via HTTPS. At the moment the RIS team is working on making HTTPS available and as soon as this is done (they told me it will happen soon), we will make the change to the validator. Overall, we need a few more weeks for this, but we will reply here as well as soon as it is done. We will open the issue again and only close it when it is resolved.
Thanks for your reply, it is appreciated. -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
Hi nusenu, all, I can confirm that the RIS dumps now work (by default) through HTTPS in the validator. Please make sure you have the latest build: 387. Thanks, Nathalie Trenaman RIPE NCC
Op 15 feb. 2019, om 23:40 heeft nusenu <nusenu-lists@riseup.net> het volgende geschreven:
Nathalie Trenaman:
Hi nusenu,
First of all, my apologies that the issue you raised fell a bit through the cracks and it took so long to get resolved. We do see the importance to offer RIS dumps through HTTPS and to configure our RPKI validator to fetch the RIS dumps via HTTPS. At the moment the RIS team is working on making HTTPS available and as soon as this is done (they told me it will happen soon), we will make the change to the validator. Overall, we need a few more weeks for this, but we will reply here as well as soon as it is done. We will open the issue again and only close it when it is resolved.
Thanks for your reply, it is appreciated.
-- https://twitter.com/nusenu_ https://mastodon.social/@nusenu
Nathalie Trenaman:
Hi nusenu, all,
I can confirm that the RIS dumps now work (by default) through HTTPS in the validator. Please make sure you have the latest build: 387.
thanks for the update, I updated the issue with your information and closed it. Since this is solved now, if you would like to pick up another item from the list: https://github.com/RIPE-NCC/rpki-validator-3/issues/49#issuecomment-45692750... thanks, nusenu
participants (2)
-
Nathalie Trenaman -
nusenu