The internet’s routing system today largely relies on “routing by rumor,” a decentralized model where networks share knowledge with each other about the paths that internet traffic can take. This model has enabled the routing system to scale remarkably well as the internet has grown. But the lack of cryptographic protection of routing information has also opened the door to route hijacks and route leaks. Resource Public Key Infrastructure (RPKI) aims to add that protection using “routing without rumor”, where the routing information is authenticated through a certification infrastructure. Because the infrastructure is more centralized, RPKI also introduces new third-party dependencies and brings new security, stability, and resiliency requirements to Regional Internet Registries.
In his keynote, Burt Kaliski Jr., Senior Vice President and CTO at @Verisign, gave the CloudFest 2022 crowd an overview of internet routing security, review current challenges and emerging efforts such as the Mutually Agreed Norms for Routing Security, and share what network operators can do to make the routing system more reliable in the long term.
You can watch this video also at the source.