[cabf_validation] BGP hijacking protections

Ben Wilson bwilson at mozilla.com
Thu Oct 13 18:37:10 UTC 2022


Great, thanks!

On Thu, Oct 13, 2022, 10:44 AM Josh Aas <josh at letsencrypt.org> wrote:

> Great timing for this question. We are working with the folks from
> Princeton on a proposal that we plan to send to this list in the next
> couple of months.
>
> On Thu, Oct 13, 2022 at 12:26 PM Ben Wilson via Validation <
> validation at cabforum.org> wrote:
>
>> All,
>> Do we need to somehow add something in the BRs to better protect
>> subscribers against BGP hijacking?  See
>> https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/lxiA7zcKLws/m/-1imDKu4AQAJ
>> and https://www.coinbase.com/blog/celer-bridge-incident-analysis. Is
>> there something that CAs and subscribers can arrange ahead of time to
>> prevent this kind of attack from succeeding? Could the CA/Browser Forum
>> adopt something in the BRs that would be of benefit?
>> Thanks,
>> Ben
>> _______________________________________________
>> Validation mailing list
>> Validation at cabforum.org
>> https://lists.cabforum.org/mailman/listinfo/validation
>>
>
>
> --
> Josh Aas
> Executive Director
> Internet Security Research Group
> Let's Encrypt: A Free, Automated, and Open CA
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20221013/272cb6ea/attachment.html>


More information about the Validation mailing list