News
APNIC blog discusses the recent proposal of ATHENE researchers to distribute the power of RPKI authorities
Internet infrastructure is still very vulnerable. Security enhancements such as Domain Name System Security Extensions (DNSSEC) and Resource Public Key Infrastructure (RPKI) are based on cryptographic signatures. While private keys should theoretically be held by the owners of domains and Internet name resources, they are outsourced to centralised authorities in practice. This bearsconsiderable security risks.
In his post, ATHENE researcher Kris Shrishak, TU Darmstadt, proposes a change to RPKI that will strengthen the threat model and prevent unilateral takedown of IP prefixes by Regional Internet Registries (RIRs).
The article was published on the blog of the Asia Pacific Network Information Centre, APNIC for short, and on RIPE Labs. Both platforms are used by the network operators and researchers for active exchange on current research topics.
Post on APNIC
Post on RIPE Labs
The post is based on the paper "Limiting the Power of RPKI Authorities” published by Dr. Haya Shulman and Kris Shrishak at this year's ANRW '20: Applied Networking Research Workshop.
show all news