/plushcap/analysis/cloudflare/rpki-details

RPKI and BGP: our path to securing Internet Routing

What's this blog post about?

Cloudflare has started deploying active filtering using RPKI (Resource Public Key Infrastructure) for routing decisions and signing its routes, aiming to protect users from route hijacks and misconfigurations. The company is also encouraging adoption of Route Origin Validation on the Internet by providing this service to everyone for free. Cloudflare's approach involves signing prefixes through regional internet registries (RIR) portals or APIs, validating certificates, distributing RPKI cache securely via its own content delivery network, and using a lightweight local RTR server. The company is also working on providing a public RTR server using its Spectrum service.

Company
Cloudflare

Date published
Sept. 19, 2018

Author(s)
Jérôme Fleury, Louis Poinsignon

Word count
1595

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.