In order to cope with the BGP (Border Gateway Protocol) security defects, RPKI (Resource Public Key Infrastructure) was proposed in IETF (Internet Engineering Task Force) in order to authenticate the relationship between IP prefix and its origination. Since 2012, a series of RPKI-related protocols have been standardized in IETF and the community has launched its actual deployment. However, with the global deployment of RPKI, a lot of concerns from technical, economic and political aspects have been raised. In this paper, we attempt to collect and analyze the most critical risks appeared during the RPKI deployment, and summarize the alternative solutions which have been presented to address or mitigate these risks.
展开▼