Hello, I do agree with presenting this during an IEPG meeting, sounds interesting, however, maybe at the end is not different from other prefix hijacks all of us have seem before. Regards, Alejandro, P.S. The prefix 2001:500:a8::/48 does not appear to have a RPKI ROA but has IRR P.S2. I don't think it's possible, but it would be nice if there is a way to "simulate" what could have happen (scope) if the prefix would have had a ROA. On 2/3/23 6:11 PM, George Michaelson wrote:
I would appreciate something like an IEPG presentation on this one, from anyone involved in the incident detection, remediation and analysis. It might also be a SIDROPS thing, but IEPG feels like a good fit, or DNS-OARC.
Realising some aspects of the security posture can't be talked about, this is fundamentally a problem in public utility services, and against the public utility routing model (BGP) so the role of a ROA, or other mechanistic defences stands as something I think we (the community at large) would want a chance to talk about.
I'd be fascinated (for instance) how widely this was "seen" given the anycast nature of service delivery.
cheers, and commiserations to anyone involved in the problem.
-George
On Fri, Mar 3, 2023 at 5:43 AM Schleckser, Barbara G. (MSFC-IS64) via rssac-caucus <rssac-caucus@icann.org> wrote:
I hate to highjack this email string, but I have a pressing question. E-Root experienced an Exact prefix hijack of prefix 2001:500:a8::/48 and was notified of this by CodeBGP. My SOC/NOC are interested in finding out how ICANN ( or other agency) responds to these types of incidents. Since this was not an issue with out server we need to have someone who can reach out to the offending party to correct. Who can a talk to regarding this event?
Barbara Schleckser DNS, DHCP, and IP Address Management (DDI) Service Element Manager Enterpise Software Services Service Element Manager E-Root Service Manager Network and Telecommunications Services (NaTS) NASA 256-624-0178 (Cell) Barbara.g.schleckser@nasa.gov
-----Original Message----- From: rssac-caucus <rssac-caucus-bounces@icann.org> On Behalf Of Paul Hoffman Sent: Thursday, March 2, 2023 11:46 AM To: Andrew McConachie <andrew.mcconachie@icann.org> Cc: RSSAC Caucus <rssac-caucus@icann.org> Subject: [EXTERNAL] Re: [RSSAC Caucus] RSSAC002v5: New title for section 3.1
On Mar 1, 2023, at 6:34 AM, Andrew McConachie <andrew.mcconachie@icann.org> wrote:
So how about this: 3.1 The time elapsed between publishing and serving That seems too abbreviated, but might be OK. The best I could come up with is "The time elapsed between receipt of a new zone and serving", which may be too long.
--Paul Hoffman
_______________________________________________ rssac-caucus mailing list rssac-caucus@icann.org https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmm.icann.o...
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.icann....) and the website Terms of Service (https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.icann.... U5cDE1GNeCRAJvwKs4rP0btjsbD8FBMDhs%3D&reserved=0). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. _______________________________________________ rssac-caucus mailing list rssac-caucus@icann.org https://mm.icann.org/mailman/listinfo/rssac-caucus
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
rssac-caucus mailing list rssac-caucus@icann.org https://mm.icann.org/mailman/listinfo/rssac-caucus
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.