Reply
Posted Apr 30, 2014
3:47:19 PM
Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

After the hack of Target, Neiman Marcus and the Heartbleed bug in OpenSSL/OpenSSh I want to know if Uverse or ATT is using the Resource Public Key Infrastructure (RPKI), also known as Resource Certification, which I read is more secure. Does anyone know much about this?

 

According to the Wiki entry: "

Resource Public Key Infrastructure (RPKI), also known as Resource Certification, is a specialized public
key infrastructure (PKI) framework designed to secure the Internet's routing infrastructure.
RPKI provides a way to connect Internet number resource information (such as Autonomous System numbers
and IP Addresses) to a trust anchor. The certificate structure mirrors the way in which Internet number
resources are distributed. That is, resources are initially distributed by the IANA to the Regional Internet
Registries (RIRs), who in turn distribute them to Local Internet Registries (LIRs), who then distribute the
resources to their customers. RPKI can be used by the legitimate holders of the resources to control the
operation of Internet routing protocols to prevent route hijacking and other attacks. In particular, RPKI is used
to secure the Border Gateway Protocol (BGP) through BGPSEC, as well as Neighbor Discovery Protocol
(ND) for IPv6 through the Secure Neighbor Discovery Protocol (SEND).
Work on standardizing RPKI is currently (late 2011) ongoing at the IETF in the sidr working group
(https://datatracker.ietf.org/wg/sidr/charter/), based on a threat analysis which was documented in RFC 4593.
The standards cover BGP origin validation, while work on path validation[1] is underway.

"

0
(0)
  • Rate this reply
Solved
Apr 30, 2014 5:35:07 PM
0
(0)
Expert
RPKI is used in some carrier-grade routers. It is not used for smaller portions of a network, nor is it used with individual customer-end equipment like modems/gateways. It's purpose is not to secure devices, but rather secure the Internet's global routing tables from malicious attacks like route injection.

Accepted Solution

Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

334 views
6 replies
(0) Me too
(0) Me too
Post reply
Replies
(6)
0
(0)
  • Rate this reply
Apr 30, 2014 3:51:34 PM
0
(0)
ACE - Master

Just one question:


How much of this do you understand?

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

354 views
0
(0)
  • Rate this reply
Apr 30, 2014 4:06:58 PM
0
(0)
Tutor

I'm not an Internet backbone guy. Just a concerned netizen. If this is an inappropriate question I can post it elsewhere.

Re: Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

350 views
0
(0)
  • Rate this reply
Solved
Apr 30, 2014 5:35:07 PM
0
(0)
Expert
RPKI is used in some carrier-grade routers. It is not used for smaller portions of a network, nor is it used with individual customer-end equipment like modems/gateways. It's purpose is not to secure devices, but rather secure the Internet's global routing tables from malicious attacks like route injection.

Re: Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

334 views
Solution
0
(0)
  • Rate this reply
May 1, 2014 2:06:57 PM
0
(0)
Tutor

So is AT&T using it as part of their business as an ISP?

Re: Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

299 views
0
(0)
  • Rate this reply
May 1, 2014 2:46:58 PM
0
(0)
Expert
I have no idea. AT&T likely would not share that information with anyone, whether they are or are not using it.

Re: Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

296 views
0
(0)
  • Rate this reply
May 1, 2014 6:25:16 PM
0
(0)
ACE - Master

My point in my reply earlier is that you're associating two completely distinct technologies that have nothing whatsoever to do with each other.

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

284 views
Share this post
Share this post