This repository has been archived by the owner on Jul 15, 2021. It is now read-only.

RIPE NCC Validator by default is insecure #232

Closed
job opened this issue Jul 7, 2020 · 3 comments

Comments

@job
Member

job commented Jul 7, 2020

According to the documentation, the default operating mode of the RIPE NCC Validator is rpki.validator.strict-validation = false. This means that by default the validator operates in an insecure mode, which is detrimental to the users of the software.

It is beyond me why I have to open so many tickets to encourage the developers of this software to produce something that is not an immediate and urgent risk to anyone using this software.

@lolepezy
Contributor

lolepezy commented Jul 7, 2020

Hi Job,

We are implementing something that is compliant with the current RFCs. Also, given the discussion happening in SIDROPS and in the issues of this project, it seems that not all users are 100% comfortable with the change of the default behaviour. Testing shows that for some repositories (*.br, *.cn, *.tw) some amount (small hundreds) of VRPs will be rejected in the strict mode, so we are not especially comfortable with this change either.

Most likely, we will switch to 'strict-by-default' behaviour in the upcoming release(s), but for now, with all the trade-offs, we've chosen to keep the software back-compatible until there is a new RFC version we can refer to in our implementation.

@job
Member Author

job commented Jul 7, 2020 via email

@job
Member Author

job commented Oct 29, 2020

This was fixed through e934ac3

@job job closed this as completed Oct 29, 2020