NLnet Labs<p>And to finish off this release-packed Thursday, we're happy to offer the first Release Candidate of our <a href="https://fosstodon.org/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> proxy RTRTR, version 0.3.2-rc1. This release adds <a href="https://fosstodon.org/tags/ASPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ASPA</span></a> support to the JSON input and output, and more… <a href="https://github.com/NLnetLabs/rtrtr/releases/tag/v0.3.2-rc1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NLnetLabs/rtrtr/rel</span><span class="invisible">eases/tag/v0.3.2-rc1</span></a></p>
mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit
Administered by:
Server stats:
332Kactive users
mastodon.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-nightly.2025-04-15
#rpki
2 posts · 1 participant · 0 posts today
NLnet Labs<p>A new release of Rotonda, our composable, programmable <a href="https://fosstodon.org/tags/BGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BGP</span></a> engine, is now available. Version 0.4.0 'Bold and Undaunting Youth' features and <a href="https://fosstodon.org/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> RTR component, as well as Route Origin Validation on incoming routes. <a href="https://github.com/NLnetLabs/rotonda/releases/tag/v0.4.0" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NLnetLabs/rotonda/r</span><span class="invisible">eleases/tag/v0.4.0</span></a></p>
ティージェーグレェI submitted a Pull Request to update MacPorts' rpki-client to 9.5 here:<br><br><a href="https://github.com/macports/macports-ports/pull/28128" rel="nofollow noopener" target="_blank">https://github.com/macports/macports-ports/pull/28128</a><br><br>GitHub Continuous Integration checks passed!<br><br>Update: Or at least I thought they did?<br><br>Now seeing this error:<br><br>"Creating port index in /Users/runner/work/macports-ports1597/macports-ports1597/ports<br>Adding port net/rpki-client<br>signal interp lost<br>ports/.github/workflows/bootstrap.sh: line 150: 2047 Abort trap: 6 portindex -e<br>Error: Process completed with exit code 134."<br><br>o.O<br><br>From: <a href="https://github.com/artkiver/macports-ports1597/actions/runs/14437970476" rel="nofollow noopener" target="_blank">https://github.com/artkiver/macports-ports1597/actions/runs/14437970476</a><br><br>Even though previously in the GitHub UI, it showed all three checks as green. wtfh? I mean, I <i>hate</i> GitHub and have less than no reason to trust it, but that's a new one, even for me.<br><br>If I check: <a href="https://github.com/macports/macports-ports/pull/28128/checks" rel="nofollow noopener" target="_blank">https://github.com/macports/macports-ports/pull/28128/checks</a><br><br>All is green there too. I am so confused.<br><br>Regardless, it's up to someone else with commit access to merge it.<br><br>Meanwhile, still no assistance regarding my request for help on the MacPorts' patches for OpenSSH 10.0p1/2 for ssh-agent.c and sshd-session.c, but someone else did open another Trac issue regarding OpenSSH's logging (or lack thereof) here:<br><br><a href="https://trac.macports.org/ticket/72345" rel="nofollow noopener" target="_blank">https://trac.macports.org/ticket/72345</a><br><br>Though, they also observe the same behavior with the Apple shipped version, so they pontificate if it may be an issue upstream?<br><br>Ya think?<br><br>Sometimes, I think folks vastly overestimate what "maintainer" means or how much I might be using some of this software or what they expect me to do about it just because it is "assigned" to me.<br><br>For example: I basically do not run sshd on any macOS systems, since I only have Apple laptops which sleep a <i>lot</i> and are absolutely <i>awful</i> as anything that should be a server running daemonized software.<br><br>Did these folks not notice that Apple <i>themselves</i> discontinued their XServe hardware line circa 2004? Or that even their "OS X Server" product was discontinued from the App Store in 2022?<br><br>I guess they missed the memos, couldn't read the room or writing on the wall?<br><br>But then, they observed this in macOS Monterey, which itself is from 2021, so maybe they just prefer livin in the past? I have no idea.<br><br>I am not even sure how to meaningfully reply to that Trac issue.<br><br><a href="https://snac.bsd.cafe?t=rpki" class="mention hashtag" rel="nofollow noopener" target="_blank">#RPKI</a> <a href="https://snac.bsd.cafe?t=rpkiーclient" class="mention hashtag" rel="nofollow noopener" target="_blank">#rpkiーclient</a> <a href="https://snac.bsd.cafe?t=macports" class="mention hashtag" rel="nofollow noopener" target="_blank">#MacPorts</a> <a href="https://snac.bsd.cafe?t=macos" class="mention hashtag" rel="nofollow noopener" target="_blank">#macOS</a> <a href="https://snac.bsd.cafe?t=bgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#BGP</a> <a href="https://snac.bsd.cafe?t=openbgpd" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenBGPD</a> <a href="https://snac.bsd.cafe?t=opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a><br>
Peter N. M. Hansteen<p>rpki-client 9.5 released <a href="https://www.undeadly.org/cgi?action=article;sid=20250412123402" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">undeadly.org/cgi?action=articl</span><span class="invisible">e;sid=20250412123402</span></a> <a href="https://mastodon.social/tags/openbsd" class="mention hashtag" rel="tag">#<span>openbsd</span></a> <a href="https://mastodon.social/tags/rpkiclient" class="mention hashtag" rel="tag">#<span>rpkiclient</span></a> <a href="https://mastodon.social/tags/rpki" class="mention hashtag" rel="tag">#<span>rpki</span></a> <a href="https://mastodon.social/tags/bgp" class="mention hashtag" rel="tag">#<span>bgp</span></a> <a href="https://mastodon.social/tags/pki" class="mention hashtag" rel="tag">#<span>pki</span></a> <a href="https://mastodon.social/tags/crypto" class="mention hashtag" rel="tag">#<span>crypto</span></a> <a href="https://mastodon.social/tags/cryptography" class="mention hashtag" rel="tag">#<span>cryptography</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> <a href="https://mastodon.social/tags/routing" class="mention hashtag" rel="tag">#<span>routing</span></a> <a href="https://mastodon.social/tags/bgp" class="mention hashtag" rel="tag">#<span>bgp</span></a> <a href="https://mastodon.social/tags/networking" class="mention hashtag" rel="tag">#<span>networking</span></a> <a href="https://mastodon.social/tags/freesoftware" class="mention hashtag" rel="tag">#<span>freesoftware</span></a> <a href="https://mastodon.social/tags/libresoftware" class="mention hashtag" rel="tag">#<span>libresoftware</span></a></p>
Adrian Offerman<p>also available in English:<br>Adoption of RPKI/ROV security protocol progressing very quickly -- Next step is implementation of ASPA</p><p>Although RPKI/ROV is being adopted very quickly, it's still early days for the other two RPKI-based protocols. Anyone now running RPKI with ROV will be able to take the next step to ASPA in the next few years. Where BGPsec is concerned, it's a question of waiting for the next generation of routing systems.</p><p><a href="https://mastodon.offerman.com/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> <a href="https://mastodon.offerman.com/tags/ASPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ASPA</span></a> <a href="https://mastodon.offerman.com/tags/BGPsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BGPsec</span></a> <a href="https://mastodon.offerman.com/tags/BGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BGP</span></a> <a href="https://mastodon.offerman.com/tags/IPv6" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IPv6</span></a> <a href="https://mastodon.offerman.com/tags/InternetSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InternetSecurity</span></a></p>
Adrian Offerman<p>op SIDN.nl:<br>RPKI/ROV-beveiligingsprotocol maakt razendsnelle adoptie door -- Volgende stap is implementatie van ASPA<br><a href="https://www.sidn.nl/nieuws-en-blogs/rpki-rov-beveiligingsprotocol-maakt-razendsnelle-adoptie-door" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">sidn.nl/nieuws-en-blogs/rpki-r</span><span class="invisible">ov-beveiligingsprotocol-maakt-razendsnelle-adoptie-door</span></a></p><p>Waar RPKI/ROV een heel snelle adoptie heeft doorgemaakt, is het voor de andere twee RPKI-gebaseerde protocollen nog net te vroeg. Wie nu RPKI met ROV heeft draaien, zal een dezer jaren de vervolgstap naar ASPA kunnen maken. Voor BGPsec is het wachten op de volgende generatie routersystemen.</p><p><a href="https://mastodon.offerman.com/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> <a href="https://mastodon.offerman.com/tags/ASPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ASPA</span></a> <a href="https://mastodon.offerman.com/tags/BGPsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BGPsec</span></a> <a href="https://mastodon.offerman.com/tags/BGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BGP</span></a> <a href="https://mastodon.offerman.com/tags/IPv6" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IPv6</span></a> <a href="https://mastodon.offerman.com/tags/InternetSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InternetSecurity</span></a></p>
John Kristoff<p>Did you know chrony, the <a href="https://infosec.exchange/tags/NTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NTP</span></a> implementation, sets up an administrative listener on the loopback interface using UDP/323 by default?</p><p>Unfortunately in the <a href="https://infosec.exchange/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> rpki-rtr has TCP/323 registered with IANA (see IETF RFC 6810). UDP/323 is reserved. Reserving a transport that is unused by the assigned application is common practice these days.</p><p>chrony's choice can probably be chalked up to a historical accident since it came first and presumably picked 323 because it "looked" like 123 and was then unassigned.</p><p>Chrony should probably change their default imo, but maybe it's too late or not worth it now?</p>
NLnet Labs<p>We are pleased to announce the latest release of Routinator, version 0.14.2 ‘Roll Initiative!’ This of our <a href="https://fosstodon.org/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> validator fixes an issue in the bundled UI that caused it to retrieve data from our own test instance rather than the actual Routinator instance. Users of the bundled UI should upgrade. <a href="https://github.com/NLnetLabs/routinator/releases/tag/v0.14.2" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NLnetLabs/routinato</span><span class="invisible">r/releases/tag/v0.14.2</span></a></p>
Solid Tech<p>Is Your Internet Service Provider (ISP) Secure? Test It Now!</p><p><a href="https://www.byteswifts.com/2025/02/is-your-isp-secure-test-it-now.html" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">byteswifts.com/2025/02/is-your</span><span class="invisible">-isp-secure-test-it-now.html</span></a></p><p><a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="tag">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/ISP" class="mention hashtag" rel="tag">#<span>ISP</span></a> <a href="https://mastodon.social/tags/BGPHijacking" class="mention hashtag" rel="tag">#<span>BGPHijacking</span></a> <a href="https://mastodon.social/tags/DataProtection" class="mention hashtag" rel="tag">#<span>DataProtection</span></a> <a href="https://mastodon.social/tags/OnlineSecurity" class="mention hashtag" rel="tag">#<span>OnlineSecurity</span></a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="tag">#<span>TechNews</span></a> <a href="https://mastodon.social/tags/CyberThreats" class="mention hashtag" rel="tag">#<span>CyberThreats</span></a> <a href="https://mastodon.social/tags/InternetPrivacy" class="mention hashtag" rel="tag">#<span>InternetPrivacy</span></a> <a href="https://mastodon.social/tags/SecureInternet" class="mention hashtag" rel="tag">#<span>SecureInternet</span></a> <a href="https://mastodon.social/tags/NetworkSecurity" class="mention hashtag" rel="tag">#<span>NetworkSecurity</span></a> <a href="https://mastodon.social/tags/CyberAwareness" class="mention hashtag" rel="tag">#<span>CyberAwareness</span></a> <a href="https://mastodon.social/tags/Hacking" class="mention hashtag" rel="tag">#<span>Hacking</span></a> <a href="https://mastodon.social/tags/TechTips" class="mention hashtag" rel="tag">#<span>TechTips</span></a> <a href="https://mastodon.social/tags/Cloudflare" class="mention hashtag" rel="tag">#<span>Cloudflare</span></a> <a href="https://mastodon.social/tags/BGP" class="mention hashtag" rel="tag">#<span>BGP</span></a> <a href="https://mastodon.social/tags/RPKI" class="mention hashtag" rel="tag">#<span>RPKI</span></a> <a href="https://mastodon.social/tags/ITSecurity" class="mention hashtag" rel="tag">#<span>ITSecurity</span></a> <a href="https://mastodon.social/tags/CyberAttack" class="mention hashtag" rel="tag">#<span>CyberAttack</span></a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="tag">#<span>InfoSec</span></a> <a href="https://mastodon.social/tags/CyberDefense" class="mention hashtag" rel="tag">#<span>CyberDefense</span></a> <a href="https://mastodon.social/tags/VPN" class="mention hashtag" rel="tag">#<span>VPN</span></a> <a href="https://mastodon.social/tags/OnlinePrivacy" class="mention hashtag" rel="tag">#<span>OnlinePrivacy</span></a> <a href="https://mastodon.social/tags/SecurityTips" class="mention hashtag" rel="tag">#<span>SecurityTips</span></a> <a href="https://mastodon.social/tags/CyberSec" class="mention hashtag" rel="tag">#<span>CyberSec</span></a> <a href="https://mastodon.social/tags/TechUpdates" class="mention hashtag" rel="tag">#<span>TechUpdates</span></a> <a href="https://mastodon.social/tags/DigitalSecurity" class="mention hashtag" rel="tag">#<span>DigitalSecurity</span></a> <a href="https://mastodon.social/tags/Hackers" class="mention hashtag" rel="tag">#<span>Hackers</span></a> <a href="https://mastodon.social/tags/ITSupport" class="mention hashtag" rel="tag">#<span>ITSupport</span></a> <a href="https://mastodon.social/tags/Networking" class="mention hashtag" rel="tag">#<span>Networking</span></a> <a href="https://mastodon.social/tags/CyberProtection" class="mention hashtag" rel="tag">#<span>CyberProtection</span></a> <a href="https://mastodon.social/tags/SecureYourData" class="mention hashtag" rel="tag">#<span>SecureYourData</span></a> <a href="https://mastodon.social/tags/DigitalSafety" class="mention hashtag" rel="tag">#<span>DigitalSafety</span></a> <a href="https://mastodon.social/tags/Tech" class="mention hashtag" rel="tag">#<span>Tech</span></a></p>
Dan York<p>This is great news! I have long been a huge of Internet.nl as a test site for compliance with the latest standards- and now they have added <a href="https://mastodon.social/tags/RPKI" class="mention hashtag" rel="tag">#<span>RPKI</span></a> into their scoring. (The RPKI test was there for the last 2 years, but didn’t count toward the score - now it does!) </p><p>This is a way to hopefully get people paying more attention to <a href="https://mastodon.social/tags/RoutingSecurity" class="mention hashtag" rel="tag">#<span>RoutingSecurity</span></a> and <a href="https://mastodon.social/tags/MANRS" class="mention hashtag" rel="tag">#<span>MANRS</span></a> </p><p>From: <span class="h-card" translate="no"><a href="https://mastodon.nl/@internet_nl" class="u-url mention">@<span>internet_nl</span></a></span><br /><a href="https://mastodon.nl/@internet_nl/113906271350500646" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://</span><span class="ellipsis">mastodon.nl/@internet_nl/11390</span><span class="invisible">6271350500646</span></a></p>
John Kristoff<p><span class="h-card" translate="no"><a href="https://bsd.network/@job" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>job</span></a></span> again dropping some knowledge and insight with current <a href="https://infosec.exchange/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> operations. Worth a read: <a href="https://mailman.nanog.org/pipermail/nanog/2025-January/227206.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mailman.nanog.org/pipermail/na</span><span class="invisible">nog/2025-January/227206.html</span></a></p>
Internet.nl<p><span class="h-card" translate="no"><a href="https://noc.social/@namedbird" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>namedbird</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@GuidoKostons" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GuidoKostons</span></a></span> </p><p>Goed dat je het gefixt hebt! Wel jammer dat je registrar niet helemaal bij de tijd is. </p><p>Voor andere *Europese* <a href="https://mastodon.nl/tags/DNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DNS</span></a> providers die -voor zover wij weten- allemaal <a href="https://mastodon.nl/tags/DNSSEC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DNSSEC</span></a> doen zie trouwens: <a href="https://european-alternatives.eu/category/managed-dns-providers" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">european-alternatives.eu/categ</span><span class="invisible">ory/managed-dns-providers</span></a></p><p>deSEC is zelfs een voor gebruikers kosteloze dienst: <a href="https://desec.io/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">desec.io/</span><span class="invisible"></span></a></p><p>Welke <a href="https://mastodon.nl/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> problemen zie je trouwens bij de mail forwarding via Cloudflare?</p>
Named Bird<p><span class="h-card"><a href="https://mastodon.social/@GuidoKostons" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GuidoKostons</span></a></span> <span class="h-card"><a href="https://mastodon.nl/@internet_nl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>internet_nl</span></a></span> Ik ook!<br>Heb <a href="https://noc.social/tags/ipv6" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ipv6</span></a> aan en de webserver beveiligd op mijn VPSje.<br>Om DNSSEC werkend te krijgen moest ik cloudflare nameservers gebruiken, aangezien mijn registrar dat niet aan heeft staan op hun eigen servers.<br>Toen direct mail forwarding aangezet en haal daar nu ook ~95% op. (geen 100 wegens <a href="https://noc.social/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> problemen bij <a href="https://noc.social/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cloudflare</span></a>.)</p>
Clement Cavadore<p>Nous venons d'implémenter un filtrage basé sur "Autonomous System Provider Authorization" (ASPA) sur un des RS de Lillix<br> (RS2).</p><p>Etant donné que ASPA n'est pas encore normalisé, on va attendre que ca soit fait pour l'implémenter sur RS1.<br><a href="https://masto.hivane.net/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> <br>infos sur le blog d'<span class="h-card" translate="no"><a href="https://hostux.social/@alarig" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>alarig</span></a></span> (qui l'a implémenté chez Lillix): <br><a href="https://www.swordarmor.fr/securisation-du-routage-bgp-en-utilisant-aspa-avec-routinator-et-bird-cas-de-breizh-ix.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">swordarmor.fr/securisation-du-</span><span class="invisible">routage-bgp-en-utilisant-aspa-avec-routinator-et-bird-cas-de-breizh-ix.html</span></a></p>
NLnet Labs<p>Routinator offered support for <a href="https://fosstodon.org/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> Autonomous System Provider Authorization (ASPA) as an experimental feature for a number of years already. Standardization has now progressed far enough in the <a href="https://fosstodon.org/tags/IETF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IETF</span></a> that we feel comfortable making <a href="https://fosstodon.org/tags/ASPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ASPA</span></a> a core feature in Routinator 0.14.1. <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://fosstodon.org/tags/OpenStandards" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenStandards</span></a> <a href="https://github.com/NLnetLabs/routinator/releases/tag/v0.14.1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NLnetLabs/routinato</span><span class="invisible">r/releases/tag/v0.14.1</span></a></p>
NLnet Labs<p>We just released Routinator 0.14.1, fixing CVE-2025-0638, where non-ASCII characters in the file names listed in an <a href="https://fosstodon.org/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> manifest lead to a crash of Routinator:<br><a href="https://nlnetlabs.nl/downloads/routinator/CVE-2025-0638.txt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nlnetlabs.nl/downloads/routina</span><span class="invisible">tor/CVE-2025-0638.txt</span></a></p><p>You should also be aware of CVE-2024-12084, fixing a heap-based buffer overflow flaw was found in the rsync daemon:<br><a href="https://nvd.nist.gov/vuln/detail/cve-2024-12084" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nvd.nist.gov/vuln/detail/cve-2</span><span class="invisible">024-12084</span></a></p><p>Please make sure you update both Routinator and rsync. Lastly, because gzip is re-enabled, you’ll save up to 50% bandwidth. </p><p><a href="https://nlnetlabs.nl/news/2025/Jan/22/routinator-0.14.1-released/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nlnetlabs.nl/news/2025/Jan/22/</span><span class="invisible">routinator-0.14.1-released/</span></a></p>
NLnet Labs<p>“… require contracted providers of Internet services to agencies to adopt and deploy Internet routing security technologies, including publishing Route Origin Authorizations and performing Route Origin Validation filtering."</p><p>In light of this Executive Order; if you need <a href="https://fosstodon.org/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> solutions that are continually developed, have a proven track record, are trusted by the world’s largest operators and are supported with a service-level agreement, we're here for you. <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></p><p><a href="https://www.whitehouse.gov/briefing-room/presidential-actions/2025/01/16/executive-order-on-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">whitehouse.gov/briefing-room/p</span><span class="invisible">residential-actions/2025/01/16/executive-order-on-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/</span></a></p>
Bryan Steele :flan_beard:<p>History/backstory in the OpenBSD commit for rpki-client(8), from Job Snijders.</p><p><a href="https://marc.info/?l=openbsd-cvs&m=173707299408526&w=2" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">marc.info/?l=openbsd-cvs&m=173</span><span class="invisible">707299408526&w=2</span></a></p><p><a href="https://bsd.network/tags/BGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BGP</span></a> <a href="https://bsd.network/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a></p>
Bryan Steele :flan_beard:<p>The ARIN <a href="https://bsd.network/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> TAL (Trust Anchor Locator) has been updated to include a BSD-like disclaimer comment, making it more widely available.</p><p><a href="https://www.arin.net/announcements/20250116-tal/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">arin.net/announcements/2025011</span><span class="invisible">6-tal/</span></a></p><p>Heads up from Job Snijders on openbsd tech@:</p><p><a href="https://marc.info/?l=openbsd-tech&m=173705588431903&w=2" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">marc.info/?l=openbsd-tech&m=17</span><span class="invisible">3705588431903&w=2</span></a></p>
Jan Schaumann<p>Whoof, this "Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity" is a lot of words:</p><p><a href="https://www.whitehouse.gov/briefing-room/presidential-actions/2025/01/16/executive-order-on-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">whitehouse.gov/briefing-room/p</span><span class="invisible">residential-actions/2025/01/16/executive-order-on-strengthening-and-promoting-innovation-in-the-nations-cybersecurity/</span></a></p><p>Notable:</p><p>"Within 120 days, publish <a href="https://mstdn.social/tags/RPKI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPKI</span></a> Route Origin Authorizations..."</p><p>"Within 180 days, enable encrypted DNS protocols..."</p><p>"Agencies shall implement PQC key establishment or hybrid key establishment including a PQC algorithm as soon as practicable..."</p><p>"Within 270 days, establish a program to use advanced AI models for cyber defense."</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload