[routing-wg] RPKI Validator 3: disable fetching from certain repos?
- Previous message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
- Next message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
George Michaelson
ggm at algebras.org
Fri Oct 12 11:12:18 CEST 2018
There is a problem with the RRDP pub-point in TWNIC which we (APNIC) are discussing with them. They did not appreciate at first that a 443 bound service would have to be publicly visible and wish to re-architect things to move this to a place outside their firewall. It doesn't appear logistically simple to disable the certificated declaration right now, I think we might have an operations discussion about timeouts and risks here. Basically, "they know there is a publicly visible problem" and "they are working on it" -George On Thu, Oct 11, 2018 at 11:15 PM nusenu <nusenu-lists at riseup.net> wrote: > > > > nusenu: > > https://rpki.cnnic.cn/rrdp/notify.xml: java.util.concurrent.TimeoutException > > https://rpkica.twnic.tw/rrdp/notify.xml: java.util.concurrent.TimeoutException > > > are they generally unavailable or are they just answering to a limited set of source IPs? > (depending on geolocation of the source IP) > > -- > https://twitter.com/nusenu_ > https://mastodon.social/@nusenu >
- Previous message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
- Next message (by thread): [routing-wg] RPKI Validator 3: disable fetching from certain repos?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]