Talk details: Non-functional Delegated RPKI CAs, Tim Bruijnzeels, Bart Bakker

Non-functional Delegated RPKI CAs

Speakers:: Tim Bruijnzeels, RIPE NCC
Bart Bakker, RIPENCC
Date:: Wednesday, 20 May
Time:: 11:05 (UTC +0100)
Room:: Main Room
Session:: Routing
Duration:: 30 min
Transcript:: View session transcript
Meetecho chat:: View session chat
Type:: Talk
Slides:

Abstract

Policy 2025-02 requires that the RIPE NCC revokes persistently non-functional delegated RPKI CAs.

This seemingly simple request gets quite interesting when one zooms in on the details: how do we actually determine that a CA is non-functional? And how can we help operators of delegated CAs to identity and fix their issues?

In this talk we will explain:
* the various moving parts of delegated CAs, publication servers, and RPKI validation interconnect
* how we monitor delegated CAs, and
* what troubleshooting tools we can provide delegated CAs operators with

Recording

Download video

Speakers

Tim Bruijnzeels

Bart Bakker

Specialist Software Engineer working on Internet Routing Security at RIPE NCC.

Rate this talk

Rating is closed.