> The constraints are simple text files and parsed in a restricted
> subprocess. Operators can trivially disable the imposition of
> constraints by deleting /etc/rpki/*.constraints, if need be.
Mmm I fully get your sentiment & concern and agree with it.
The biggest problem simply lies in
Dear all,
Two weeks ago AFRINIC was placed under receivership by the Supreme Court
of Mauritius [1]. This event prompted me to rethink our trust and threat
model and associated risk surface.
The RPKI technology was designed to be versatile and flexible to
accommodate a myriad of real-world deploy
