(Apologies for duplication)

Hello all,

The NRO RPKI Program [1] has published a blog post explaining the proposed solution to concerns with the current RPKI Trust Anchor configuration, now documented in the Internet-Draft https://www.ietf.org/archive/id/draft-nro-sidrops-ta-constraints-00.txt

The draft defines a mechanism that allows RPKI Trust Anchors (TAs) to declare which TA is authoritative for which Internet Number Resources, helping prevent RPKI validation conflicts.

You can read the blog post here: https://labs.ripe.net/author/sofia_silva_berenguer/a-solution-to-concerns-on-the-current-rpki-trust-anchor-configuration/

We welcome feedback and discussion on the sidrops mailing list [2] and during the upcoming SIDROPS WG session at IETF 124 (Montreal, Nov 3) [3].

Warm regards,

Sofía

—

[1] https://www.nro.net/technical-coordination/nro-rpki-program/

[2] https://mailman3.ietf.org/mailman3/lists/sidrops@ietf.org/

[3] https://datatracker.ietf.org/meeting/124/session/sidrops

____________________________________________________________________

Sofía Silva Berenguer

NRO RPKI Program Manager

e: sofia@apnic.net

____________________________________________________________________