Closely follow and study the cutting-edge technologies in basic Internet resources services, continuously carry out technological innovation and product incubation, promote innovation through technology, and promote development through innovation

Root domain name domain, the industry's new technologies, new products, new systems, new services in-depth study and release industry reports, leading the development of the Internet domain name industry

Closely follow and study the cutting-edge technologies in basic Internet resources services, continuously carry out technological innovation and product incubation, promote innovation through technology, and promote development through innovation

Frontier Research

This document analyzes actions by or against a Certification Authority (CA) or an independent repository manager in the RPKI that can adversely affect the Internet Number Resources (INRs) associated with that CA or its subordinate CAs.  The analysis is done from the perspective of an affected INR holder. The analysis is based on examination of the data items in the RPKI repository, as controlled by a CA (or an independent repository manager) and fetched by Relying Parties (RPs).  

 

Secure connection between IPSec participants is achieved via IPSec SAs. However, there are no simple and elegant approaches to the management of SA parameters currently. As a result, the cost of user devices and target servers to negotiate a SA is expensive in aspects of time, CPU load and network usage. By analyzing the topology and deployment features of CPN, this paper found that there existed outbound trust relationship between the DHCP server and other service providers. 

 

This technical report is commissioned by CCSA*. Based on the statistics released by the IETF SIDR group and related organizations, this study examines the principles, security mechanisms, and deployment status of RPKI technologies and analyzes the current status of RPKI technologies in the current international community (ICANN, RIRs, IETF) , equipment providers (Cisco, Juniper) and technology service providers (Raytheon BBN) on RPKI's technical and policy support.

RPSTIR is an opensource software, which helps network operators detect and reject accidental, false route origin advertisements, thus reducing the likelihood of inadvertent Internet address space hijacking. Using the global RPKI, RPSTIR securely generates a list of authorized prefix-origin AS pairs. Routers retrieve this list via the RPKI-RTR protocol and use it to detect false origin announcements due to errors by network operators, e.g., the Pakistan Telecom hijack of YouTube address space.  

 

Contact Us

京ICP备15027496号-3 | 京公网安备11010802021115号   | ZDNS All Rights Reserved  © 2010-2017 

Partners: Top   Club   Shop   VIP   Wang   Site 
Mail:web@zdns.cn  
7*24 Customer Hotline:010-58812426 
HQ  Address:2nd Floor, Building 1, No.4 ZhongGuanCun NanSiJie, Haidian, Beijing, China (100190)
Follow  us on Wechat