Skip to Content.
Sympa Menu

netsec-sig - Re: [Security-WG] Fwd: [arin-announce] New RPKI Trust Anchor

Subject: Internet2 Network Security SIG

List archive

Re: [Security-WG] Fwd: [arin-announce] New RPKI Trust Anchor


Chronological Thread 
  • From: "Dale W. Carder" <>
  • To:
  • Subject: Re: [Security-WG] Fwd: [arin-announce] New RPKI Trust Anchor
  • Date: Wed, 20 Sep 2017 13:14:57 -0700
  • Ironport-phdr: 9a23:ZgTrHBOW5DtM6H9iudQl6mtUPXoX/o7sNwtQ0KIMzox0LfT7rarrMEGX3/hxlliBBdydsKMUzbKO+4nbGkU4qa6bt34DdJEeHzQksu4x2zIaPcieFEfgJ+TrZSFpVO5LVVti4m3peRMNQJW2aFLduGC94iAPERvjKwV1Ov71GonPhMiryuy+4ZPebgFLiTanfb9+MAi9oBnMuMURnYZsMLs6xAHTontPdeRWxGdoKkyWkh3h+Mq+/4Nt/jpJtf45+MFOTav1f6IjTbxFFzsmKHw65NfqtRbYUwSC4GYXX3gMnRpJBwjF6wz6Xov0vyDnuOdxxDWWMMvrRr0yRD+s7bpkSAXwhSkJNzA37nzZhM9+jK1UvB2uuhNxzIzab4yOKPpzfbnQcc8GSWdbXMtcUTFKDIOmb4sICuoMJehUoYfnqFsKsxS1GAmjCPnywTJWnHD2x7A13Po7EQ3IwQctGM8BsXrIo9rvLqcdTP66zLPTwDrddPNawzH955bUch04p/yHQLx+cc3UyUY1FgPFiE2dppb/PzOU0OQBqW6b4PR8Ve63im4otR1xoja1yscrkInJiYQYwU3H+yVh2Is5OMO0RU1hbdOqCpdduDyWO5F0T88/W21kpic3xqMatZO+fyUHxpEqyh3DZ/CbboSF5xLuWeSPLTp9gX9pZbeyiwuw/Ee9zOD3S9O630xQriVfl9nBrnAN2ALX6siAUvZ98Fmu1DmV2wDX8e5EJVo4laXcK54/2rIwl5wTvlrfHiLuhUn6kqybel8q9+Sy5Onrf6/qq52BO4NsjwHxKKUumsixAeQiNQgOWnCW9vmy1bL/50L5WqhFgeMskqTCrp/aPt4XpqinDA9Jyooj8QqwDy+60NQEmnkKNElFdwybgIj0IVHOIez4DPemj1Winzdm3PTGPrz6ApXRNXjPjq3tfbd7605A1gUz19Zf6IxICr0fOv78RFL+tMGLRiM+Zhe5yPv9Cclsk5wRcWOJHqKDNq7O6xmF6v98DfOLYdpflD/5JrAaobbFhGU1lEVXNf2lwpAecny1BNxrOAOfbGa60YRJKnsDogdrFL+is1aFSzMGP3s=

Hey David, that's really good news.

Do you know if there is still an AUP (I think it was click-through, but
had problematic language, IIRC) to use the ARIN TA? I haven't looked
recently.

Dale


Thus spake David Farmer
()
on Wed, Sep 20, 2017 at 10:31:55AM -0500:
> FYI, I thought this might be of interest.
>
> ---------- Forwarded message ----------
> From: ARIN
> <>
> Date: Wed, Sep 20, 2017 at 8:13 AM
> Subject: [arin-announce] New RPKI Trust Anchor
> To:
>
>
>
> On 19 September 2017, ARIN held a key ceremony to move to a RPKI Trust
> Anchor that reflects all holdings (0/0) to fulfill our commitment to the
> deadline set by the Number Resource Organization (NRO) for all of the
> Regional Internet Registries (RIRs). This action is detailed in the “All
> Resources Applicability Statement” dated 21 January 2017:
>
> https://tools.ietf.org/html/draft-rir-rpki-allres-ta-app-statement
>
> "This document provides an applicability statement for the use of multiple,
> over-claiming ‘all resources’ (0/0) RPKI certificate authorities (CA)
> certificates used as trust anchors (TAs) operated by the Regional Internet
> Registry community to help mitigate the risk of massive downstream
> invalidation in the case of transient registry inconsistencies."
>
> To mitigate the risk and alleviate this threat, the RIRs agreed to move
> from a Trust Anchor that reflects only their current holdings to one that
> reflects all holdings. This improvement will provide a more robust way of
> allowing resources that are covered under RPKI to be transferred from one
> RIR to another.
>
> Note that current ARIN RPKI users do not need to re-download the TAL, as
> the TAL has not changed.
>
> If you are new to RPKI and want to start validating RPKI data from the ARIN
> region, you can download the ARIN TAL from the following location:
>
> https://www.arin.net/resources/rpki/tal.html
>
> Regards,
>
> Mark Kosters
> Chief Technology Officer
> American Registry for Internet Numbers (ARIN)
>
> _______________________________________
>
>
>
> --
> ===============================================
> David Farmer
> Email:
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE Phone: 612-626-0815
> Minneapolis, MN 55414-3029 Cell: 612-812-9952
> ===============================================



Archive powered by MHonArc 2.6.19.

Top of Page