1. On Measuring RPKI Relying Parties
- Author
-
George Michaelson, Thomas C. Schmidt, Amreesh Phokeer, Chris Kanich, Matthias Wählisch, Randy Bush, and John Kristoff
- Subjects
business.industry ,Computer science ,IP forwarding ,020206 networking & telecommunications ,02 engineering and technology ,Certification ,Prefix ,Software deployment ,Reachability ,Robustness (computer science) ,020204 information systems ,0202 electrical engineering, electronic engineering, information engineering ,The Internet ,Routing (electronic design automation) ,business ,Computer network - Abstract
In this paper, we introduce a framework to observe RPKI relying parties (i.e., those that fetch RPKI data from the distributed repository) and present insights into this ecosystem for the first time. Our longitudinal study of data gathered from three RPKI certification authorities (AFRINIC, APNIC, and our own CA) identifies different deployment models of relying parties and (surprisingly) prevalent inconsistent fetching behavior that affects Internet routing robustness. Our results reveal nearly 90% of relying parties are unable to connect to delegated publication points under certain conditions, which leads to erroneous invalidation of IP prefixes and likely widespread loss of network reachability.
- Published
- 2020