18 Feb
2022
18 Feb
'22
11:09 a.m.
Hi all, It might be the case that the vulnerability is in the realm of disagreement with some design choices of the past, rather than a traditional CVE hole in one or more software packages. I found the following paper which touches upon the “assumed trust” aspect of RPKI in the relationship between Relaying Party and Trust Anchor(s). https://www.researchgate.net/publication/349045074_Privacy_Preserving_and_Re... I’m very interested in discussion about cross-signing schemes. Kind regards, Job