The White House recently announced plans to boost Internet routing security in the US through better RPKI coverage. So how does RPKI help secure BGP? How easy is it to boost coverage on a national level? And what's the future potential of the infrastructure? Our guest Tim Bruijnzeels shares his views.
Tim is Principal Software Engineer for RPKI at the RIPE NCC and has worked in standards development and software implementation around RPKI for well over a decade. He talked to us about where RPKI is at today, how governments can and have aided its adoption, and how work being done on ASPA and BGPsec promise a more secure future for the Internet.
Show notes:
02:40 - The Dublin IETF meeting back in 2008.
03:17 - Tim has contributed to a number of RFCs over the years.
03:40 - NLnet Labs develops free, liberally licensed, open-source software for DNS and BGP routing.
03:50 - Krill is a free, open source RPKI Certificate Authority developed by NLnet Labs that lets you run delegated RPKI under one or multiple RIRs.
07:24 - You can read more on how the Internet routes around damage on RIPE Labs.
10:47 - Get more information on how to manage ROAs through the RPKI Dashboard.
11:36 - Check out the RIPE NCC's Routing Information Service (RIS).
12:17 - Alex Band's article on the launch of the RIPE NCC Resource Certification Service back in 2011.
13:51 - There are a number of RPKI validators to choose from, including Routinator from NLnet Labs.
17:32 - Here's a nice explainer article on ASPA.
22:07 - Plans to support ASPA and BGPsec router certificates in RIPE NCC Quarterly Planning.
26:47 - More on Dutch government measures for ensuring RPKI coverage.
","author_name":"RIPE Labs Editor"}