There are some pieces in the RPKI puzzle. One is the definitions of protocols, that one is very advanced in the SIDR WG in the IETF. Not RFCs yet but I am sure we will se some soon. Another piece are repositories of CA's and ROAs and Trust Anchors. RIRs have they implementations or you could create your own if you want to keep your private keys. IMHO one piece missing (not the only one, but one important in this stage) is RTR (RPKI/Router Protocol) working in routers. May be is too soon to see it in production routers but I am only aware of one big vendor with testing code. Also open-source implementations (Quagga, Xorp, Bird, etc.) are not actively (or at all) working in RPKI, I would imagine that one first step for many operators is to test RPKI with these implementations. Regards, -as On 9 Dec 2010, at 06:37, nanog-request@nanog.org wrote:
Date: Wed, 8 Dec 2010 22:56:08 -0500 From: Jared Mauch <jared@puck.nether.net> Subject: Are you ready for RPKI in your BGP? To: North American Network Operators Group <nanog@nanog.org> Message-ID: <15FF52BA-388A-48E8-BDDE-A151E694E9AC@puck.nether.net> Content-Type: text/plain; charset=us-ascii
Are you ready for RPKI in your network?
While there's some dubious hyperbole in the article, the work that has been undertaken in SIDR wg re: RPKI is moving along.
For those of you preparing to assign 2011 goals to your employees, or something to self-assign, this should be in the top-5 or top-10 if you configure routers for BGP.
- Jared