Hello everyone,
Aftab Siddiqui is currently exploring the possibility of using Route Object
Authorisations (ROAs) as a potential replacement to LOAs. Separate to this (and unknowing of Aftab's research), I had started a discussion on the RPKI Community guild on Discord (https://discord.gg/9jYcqpbdRE)
discussing the usage of ROAs instead of LOAs.
An LOA, or "Letter of Authority" / "Letter of Authorization," is a formal
document granting permission for third parties to take specific actions regarding network resources or services. In the service provider industry, its primary use is for advertising address resources (IPv4/v6 and ASN). When an organization intends to announce
its IP prefixes through its own or a transit provider's ASN to the global internet, it typically needs to provide an LOA to their transit provider, confirming their custodianship or ownership of the resources.
RPKI ROA, stands for "Resource Public Key Infrastructure Route Origin
Authorization," is part of a security framework designed to validate the authenticity of internet routing information. It involves a digitally signed object that specifies which Autonomous Systems (ASes) are permitted to announce specific IP address prefixes.
Could you please take a moment to fill out our brief survey? Your feedback
will play a crucial role in our understanding of this topic.
Thanks,
Christopher Hawker