[152447] in North American Network Operators' Group
Re: rpki vs. secure dns?
daemon@ATHENA.MIT.EDU (Stephane Bortzmeyer)
Mon Apr 30 09:54:48 2012
Date: Mon, 30 Apr 2012 15:53:46 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Russ White <russw@riw.us>
In-Reply-To: <4F9E969F.4040308@riw.us>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Apr 30, 2012 at 09:41:51AM -0400,
Russ White <russw@riw.us> wrote
a message of 60 lines which said:
> Neither a DNS based solution nor the RPKI will resolve path attacks,
I want to be sure of the terminology: what is deployed presently is
the bundle RPKI+ROA. As their name say, ROA can only be used against
origin attacks. But RPKI can be used for other things than RPKI+ROA,
including BGP-sec (against path-based attacks), no?
