Security with autonomy: governing RPKI and secure BGP

25 October 2013 - A Workshop on Critical Internet Resources in Bali, Indonesia


In the abstract, the introduction of routing security technologies like RPKI and secure BGP highlights the tension between hierarchical and decentralized governance of the Internet. Widespread deployment of these technologies to authenticate use of IP address resources and ensure integrity of routing announcements could in theory benefit Internet routing, making it more secure. However, they potentially create a centralized control point(s) for Internet routing that operates largely autonomously today. Research notes that the hierarchical nature of RPKI makes it technically possible for delegators of address space to easily and unilaterally revoke it in a manner that could affect address reachability (Brogle et al 2013). Recent policy recommendations seem to concur, arguing for the “cautious, staged deployment” of RPKI in order to mitigate inherent risks (FCC 2013).

This workshop will examine under what conditions, and to what extent, can secure routing arrangements be institutionalized. It will address the following questions: Do the security gains achieved by proposed new routing arrangements justify the operational and governance risks? Where will these governance activities occur? What rules can be used to govern the RPKI and secure BGP? Which actors should have the ability to influence these rules and thereby impact use of the Internet? What routing security policies and governance arrangements are already in place or being considered among network operators? How can routing security be implemented while preserving ISPs autonomy?