[AusNOG] google potential route hijacked.
Paul Wilkins
paulwilkins369 at gmail.com
Tue Nov 13 17:50:35 EST 2018
What I think's interesting is that route filters are still the go to for
BGP authentication.
Nobody steals DNS to the degree of BGP, because DNS has solid PKI
authentication.
If RPKI only had the same chain of trust for in-addr.arpa as the rest of
DNS does back to iana.
Kind regards
Paul Wilkins
On Tue, 13 Nov 2018 at 17:01, Dobbins, Roland <Roland.Dobbins at netscout.com>
wrote:
> On 13 Nov 2018, at 11:53, Binh Lam wrote:
>
> > just to whom who provided critical infrastructures (ie, email, DNS
> > hosting, cloud providers,
> > online banking sites subnets, high profile sensitive online sites ,
> > etc..)
>
> This is both untenable and undesirable. Nor is Internet nor 'critical
> infrastructure' composed solely of /24s.
>
> There are a couple of decades' worth of discussion of the topic of
> disaggregation; strongly suggest perusing it.
>
> --------------------------------------------
> Roland Dobbins <roland.dobbins at netscout.com>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20181113/1f0d7f36/attachment.html>
More information about the AusNOG
mailing list