Sofía Silva Berenguer

Working Towards a Coordinated RPKI System

Sofía Silva Berenguer

3 min read


What would a single, global RPKI system look like?

In our previous article, we introduced the new NRO RPKI Program and what we are aiming to achieve:

“[…] the NRO RPKI Program aims to provide a more consistent and uniformly secure, resilient, and reliable RPKI service to help remove barriers currently experienced by network operators who create RPKI objects through multiple RIRs.”
Improving Regional Internet Registry alignment in the RPKI space

We have now broken down that purpose into more specific outcomes to guide our efforts.

Firstly, we want to gain a better understanding of what a single, global RPKI system would look like. We would like to know more about the expectations from the community in terms of consistency across the Regional Internet Registries (RIRs) in their RPKI implementations.

What degree of diversity is acceptable or even welcome? What aspects of the RPKI system need to be more consistent? Please share your thoughts on this with us!

While we work with the community to clearly define what a single, global RPKI system would look like, we will start working on improving some other aspects of the RPKI system — namely robustness and security.

We plan to focus on better measuring the robustness of the RPKI system as a whole by agreeing on the aspects of robustness that should be measured, and clearly documenting the current status and any relevant planned development initiatives for each RIR regarding those aspects, so that in the future we can make this information public in a uniform way.

What aspects of the robustness of the RPKI system would you see value in knowing more about? Please let us know!

We also want to enhance the security consistency of the RPKI system across the different RIRs by establishing a baseline, working with the guidance of security experts on setting the minimum security requirements, and identifying the gaps per RIR, so we can then prioritise those gaps and work towards closing them.

Finally, and where a lot of my focus will be as a Program Manager, we will work to keep the technical community informed and engaged throughout the program and to address RPKI-related concerns in a coordinated way. I will soon be working on validating some assumptions. Please let me know if you would like to volunteer to participate in interviews or other forms of user research activities.

What are your main challenges around deploying RPKI? Have you created Route Origin Authorizations (ROAs)? Have you set up Route Origin Validation (ROV) in your routers? What are your main concerns about the RPKI system as it stands today? Please get in touch and share your thoughts with us!


You may also like

View more

About the author

Sofía Silva Berenguer Based in Brisbane

NRO RPKI Program Manager, Process and Productivity Engineer for the Registry Value Stream at APNIC, Ontological Coach and mum. Sofía holds an MSc in Telematics Engineering and is an Ontological Coach. She works as the RPKI Program Manager for the NRO and the Process and Productivity Engineer for the Registry Value Stream at APNIC. She joined the RIR world in 2010 when she started working for LACNIC as a Hostmaster and Policy Officer. She then held a few different technical roles at LACNIC, as a Networks and Security Engineer first, then moving on to a role as a Senior Security and Stability Specialist. She joined APNIC in 2017 as a Data Scientist, then became a Product Manager and later a Productivity Coach.

Comments 0