rpki-client stricter aging policy for Trust Anchor certificates committed to -current


There has long been some concern in the networking communities, particularly among those working on routing security, about the use of very long-lived Trust Anchor (TA) certificates in routing infrastructure.

Today Job Snijders (job@) committed code to rpki-client(8) to implement a gradual phase-in of a stricter policy on TA certificate lifetimes.

The commit message reads,

Subject:    CVS: cvs.openbsd.org: src
From:       Job Snijders <job () cvs ! openbsd ! org>
Date:       2024-12-18 16:38:40


CVSROOT:	/cvs
Module name:	src
Changes by:	job@cvs.openbsd.org	2024/12/18 09:38:40

Modified files:
	usr.sbin/rpki-client: cert.c 

Log message:
Schedule future rejection of ultra long-lived TA certificates

The RPKI ecosystem suffers from a partially unmitigated risk related to
long-lived Trust Anchor certificate issuances.
