Difference between pages "George Michaelson" and "RPKI"

From ICANNWiki
(Difference between pages)
Jump to navigation Jump to search
(Created page with "{{People |portrait=George_michaelson.jpg |caricature=George MichaelsonComing1.jpg |organization=APNIC |jobtitle=Senior Research and Development Officer |gender=Male |region=A...")
 
(Created page with "'''Resource Public Key Infrastructure''' (RPKI) is a framework designed to secure the Border Gateway Protocol. RPKI provides a way to connect Internet number resource...")
 
Line 1: Line 1:
{{People
+
'''Resource Public Key Infrastructure''' (RPKI) is a framework designed to secure the [[BGP|Border Gateway Protocol]]. RPKI provides a way to connect Internet number resource information to a trust anchor. Holders of number resources use RPKI to control the operation of Internet routing protocols to prevent route hijacking and other attacks.<ref>[https://www.apnic.net/community/security/resource-certification/ Resource Certification, APNIC]</ref>
|portrait=George_michaelson.jpg
+
Resource Public Key Infrastructure (RPKI), defined in RFC 6810, was proposed to authenticate the relationship between a prefix and its origination.
|caricature=George MichaelsonComing1.jpg
+
 
|organization=APNIC
+
In an article on security issues and resolutions for RPKI, [[MANRS]] Fellow Dr. [[Bahaa Al-Musawi]] describes in detail the pros and cons of implementing RPKI,<ref>[https://www.manrs.org/2021/04/2-security-issues-with-rpki-and-how-to-fix-them/ RPKI Security, MANRS]</ref> which include:
|jobtitle=Senior Research and Development Officer
+
 
|gender=Male
+
''Advantages'':
|region=Australia
+
# reduces route leaks
|stakeholdergroup=Technical Community
+
# prevents the propagation of invalid routes
|affiliation=RSSAC
+
# discards invalid routes
|newsletter=Subscribe to our Newsletter
+
 
|blog=https://blog.apnic.net/
+
''Problems'':
}}
+
# The open-source tool [[Rsync]] is the main way of distributing RPKI data; repositories are vulnerable to [[DoS Attack|Denial of Service attacks]], and few rsync client libraries exist
'''George Michaelson''' is [[APNIC]]'s senior R&D scientist. He works on long-baseline [[DNS]] statistics, services logging, audit, and analysis; and the designing and implementation of the [[INRC|Internet Number Resource Certification]] framework.<ref>[https://www.apnic.net/about-apnic/team/george-michaelson/ APNIC Team]</ref>
+
# Unguaranteed updated RPKI data
==Career History==
+
 
George was the Technical Services Manager for APNIC from 2001 to 2005, responsible for ICT, the technical team, standards development, and technical governance and coordination. Prior to joining APNIC, he worked at Leeds University, York University, University College London, the Division of Information Technology at the [[CSIRO]] in Melbourne, the University of Queensland, Australian [[ISP]]s [[Access-One]] and [[connect.com.au]], and [[DSTC]].
 
==ICANN and Internet Governance Participation==
 
* [[RSSAC]] Caucus Member<ref>[https://www.icann.org/groups/rssac-caucus ICANN Groups]</ref>
 
* [[BCS]] Member
 
* Founder member of the Australian chapter of the [[ISOC|Internet Society]]
 
* [[IETF]] Previous WG chair of the [[CRISP]] working group
 
* IETF standardization meeting participant
 
* Co-chair of the auDA Competition Panel 2001
 
==Education==
 
Honours Degree in computer science, York University, in 1982
 
==Publications==
 
* [[APNIC]] Blogger
 
* Co-author, with Prior, of [[RFC]] 1562: Naming Guidelines for the AARNet X.500 Directory Service Prior; and, with Huston, of RFC 5396: Textual Representation of [[Autonomous System Numbers]]
 
* [[CircleID]] Blogger
 
 
==References==
 
==References==

Latest revision as of 16:59, 12 May 2021

Resource Public Key Infrastructure (RPKI) is a framework designed to secure the Border Gateway Protocol. RPKI provides a way to connect Internet number resource information to a trust anchor. Holders of number resources use RPKI to control the operation of Internet routing protocols to prevent route hijacking and other attacks.[1] Resource Public Key Infrastructure (RPKI), defined in RFC 6810, was proposed to authenticate the relationship between a prefix and its origination.

In an article on security issues and resolutions for RPKI, MANRS Fellow Dr. Bahaa Al-Musawi describes in detail the pros and cons of implementing RPKI,[2] which include:

Advantages:

  1. reduces route leaks
  2. prevents the propagation of invalid routes
  3. discards invalid routes

Problems:

  1. The open-source tool Rsync is the main way of distributing RPKI data; repositories are vulnerable to Denial of Service attacks, and few rsync client libraries exist
  2. Unguaranteed updated RPKI data

References

  1. Resource Certification, APNIC
  2. RPKI Security, MANRS
Retrieved from "https://icannwiki.org/index.php?title=George_Michaelson&oldid=1312318"