Giter Site home page Giter Site logo

draft-rpki-doa's Introduction

draft-spaghetti-sidrops-rpki-doa

RPKI Discard Origin Authorization. A mechanism to confirm whether a resource holder authorized a specific tuple of (peer AS, origin AS, prefix, prefixlength and BGP community) to signal a request to discard traffic.

Work in progress repository for Internet-Draft draft-spaghetti-sidrops-rpki-doa

Usage

Draft documents

The source files for the Internet-Draft documents are:

  • draft-spaghetti-sidrops-rpki-doa.xml
  • RpkiDiscardOriginAuthorization-2021.asn

To regenerate the text and HTML versions after making changes, run:

make drafts

Object prototyping

An rpkimancer plug-in is also available, providing the ability to read and write example DOA objects.

To install (in the root of your checkout):

python3 -m pip install rpkimancer-doa

Object creation and inspection is provided by the rpkincant CLI tool.

See rpkincant --help for usage information.

After making changes to the ASN.1 module source, execute make asn1 to update the patched version in python distribution tree.

To setup a development environment with the required test dependencies:

python3 -m venv .venv
. .venv/bin/activate
python3 -m pip install -r packaging/requirements-dev.txt

draft-rpki-doa's People

Contributors

benmaddison avatar pyup-bot avatar job avatar

Stargazers

Scott Reed avatar Fedor V avatar

Watchers

avatar Fedor V avatar James Cloos avatar avatar avatar

draft-rpki-doa's Issues

Refine EE 3779 resource requirements

Requiring that ipAddrBlocks and originAsID are both covered by the EE
cert's 3779 extensions makes it impossible to issue DOAs in BYOIP scenarios
unless the addresses are delegated to the provider's CA.

This needs further discussion.

Initial Update

The bot created this issue to inform you that pyup.io has been set up on this repo.
Once you have closed it, the bot will open pull requests for updates as soon as they are available.

Discuss interaction between DOA and ROA

RTBH routes will likely be valid under a DOA but invalid under a ROA.

Guidance should be to perform DOA validation first, and skip ROA validation
if the outcome is valid.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.