RPKI: Legal Barriers and New Directions
2018 saw major growth in adoption of the Resource Public Key Infrastructure (RPKI) framework for routing security, with NANOG 74 marking an inflection point. Over …
|Talk Title||RPKI: Legal Barriers and New Directions|
|Speakers||Christopher Yoo, University of Pennsylvania|
|Location||San Francisco, CA|
|Date||Feb 18 2019 - Feb 20 2019|
2018 saw major growth in adoption of the Resource Public Key Infrastructure (RPKI) framework for routing security, with NANOG 74 marking an inflection point. Over the year, players like Cloudflare and NTT began participating in the framework; the five Regional Internet Registries engaged in efforts to make implementing RPKI easier; programs like the Mutually Agreed Norms for Routing Security promoted RPKI around the world. At NANOG 74 in particular, many talks and myriad hallway discussions pushed the RPKI effort forward. As a result, RPKI use is higher than ever before. In Europe, for example, over 40% of announced IP space is now covered by a Route Origin Authorization—the attestation establishing who is permitted to publish routing announcements for given IP space. Yet, while North American numbers have increased, they remain below 10%. To ensure continued RPKI growth, the NANOG community must pay sustained attention to the adoption effort. In addition to describing industry-wide efforts to develop awareness and better software tools to ease RPKI implementation, this talk will present the recommendations of my team’s report, published in December 2018, concerning the legal structure supporting RPKI’s adoption, which were heavily influenced by discussions at NANOG 74. Those discussions have already resulted in important changes to how RPKI resources are distributed by the American Registry for Internet Numbers (ARIN). ARIN further plans to consider a set of recommendations in the spring of 2019. The talk will outline the reasons behind the recommendations in light of community dialogue after NANOG 74. Further, the talk will raise an important new possibility: Would it be valuable to establish an independent nonprofit organization devoted to publishing the North American RPKI repository? Such an organization would require significant effort to create and operate, but it may be more reliable and resilient when compared with the current structure for RPKI repository distribution.