Speaker
Ondřej Caletka
(RIPE NCC)
Description
In the past it was believed that network operators should periodically download clear text data from the Internet and put them into the configuration of their routers to make routing more secure.
RPKI is a technology to secure routing which employs proper cryptography. For years we have used it for Route Origin Authorization. New feature of routing security is being deployed now: Autonomous System Provider Authorization.
It complements existing Route Origin validation with a partial path validation: each autonomous system can declare which autonomous systems are expected to provide transit services. Network operators validating ASPA can then drop routes coming via unauthorized providers.
Author
Ondřej Caletka
(RIPE NCC)
