Need help connecting your router?
Mark2014's profile

Tutor

 • 

5 Messages

Wednesday, April 30th, 2014 10:47 PM

Is Uverse using Resource Public Key Infrastructure (RPKI), also known as Resource Certification

After the hack of Target, Neiman Marcus and the Heartbleed bug in OpenSSL/OpenSSh I want to know if Uverse or ATT is using the Resource Public Key Infrastructure (RPKI), also known as Resource Certification, which I read is more secure. Does anyone know much about this?

 

According to the Wiki entry: "

Resource Public Key Infrastructure (RPKI), also known as Resource Certification, is a specialized public
key infrastructure (PKI) framework designed to secure the Internet's routing infrastructure.
RPKI provides a way to connect Internet number resource information (such as Autonomous System numbers
and IP Addresses) to a trust anchor. The certificate structure mirrors the way in which Internet number
resources are distributed. That is, resources are initially distributed by the IANA to the Regional Internet
Registries (RIRs), who in turn distribute them to Local Internet Registries (LIRs), who then distribute the
resources to their customers. RPKI can be used by the legitimate holders of the resources to control the
operation of Internet routing protocols to prevent route hijacking and other attacks. In particular, RPKI is used
to secure the Border Gateway Protocol (BGP) through BGPSEC, as well as Neighbor Discovery Protocol
(ND) for IPv6 through the Secure Neighbor Discovery Protocol (SEND).
Work on standardizing RPKI is currently (late 2011) ongoing at the IETF in the sidr working group
(https://datatracker.ietf.org/wg/sidr/charter/), based on a threat analysis which was documented in RFC 4593.
The standards cover BGP origin validation, while work on path validation[1] is underway.

"

Accepted Solution

Official Solution

Expert

 • 

9.4K Messages

10 years ago

RPKI is used in some carrier-grade routers. It is not used for smaller portions of a network, nor is it used with individual customer-end equipment like modems/gateways. It's purpose is not to secure devices, but rather secure the Internet's global routing tables from malicious attacks like route injection.

ACE - Expert

 • 

34.6K Messages

10 years ago

Just one question:


How much of this do you understand?

 

Tutor

 • 

5 Messages

10 years ago

I'm not an Internet backbone guy. Just a concerned netizen. If this is an inappropriate question I can post it elsewhere.

Tutor

 • 

5 Messages

10 years ago

So is AT&T using it as part of their business as an ISP?

Expert

 • 

9.4K Messages

10 years ago

I have no idea. AT&T likely would not share that information with anyone, whether they are or are not using it.

ACE - Expert

 • 

34.6K Messages

10 years ago

My point in my reply earlier is that you're associating two completely distinct technologies that have nothing whatsoever to do with each other.

 

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.