| ▲ | nemomarx 8 hours ago |
| This actually shows pretty good coverage for this feature, it seems to me. The big American isps do it, the mobile ones do too... How many major isps would we want to implement it to be "safe" and what would that look like? Is this a regional thing? They've only listed 4 unsafe ones on the site and that doesn't seem like a major issue, but maybe they're very large somewhere. |
|
| ▲ | toast0 5 hours ago | parent | next [-] |
| > How many major isps would we want to implement it to be "safe" and what would that look like? It would be "enough" if all the major transit ISPs did it and it would be helpful if all the major residential ISPs did it. If non-RPKI routes can't propagate through transit ISPs, that makes it a much less useful thing to do. |
|
| ▲ | KomoD 8 hours ago | parent | prev | next [-] |
| We want more than just major isps. They've listed way more than 4 (and those 4 are also massive), click "Show all". There's 254 operators marked as unsafe. |
|
| ▲ | chrismustcode 8 hours ago | parent | prev | next [-] |
| I'm on sky in the UK which is marked as not safe due to no RPKI. It's not on the list so imagine there is a fair few missing, would be neat to have a table you could filter by country, provider type (cloud/isp etc) based on real results from users. edit: there's a show all button to expand the table |
| |
| ▲ | SCdF 8 hours ago | parent | next [-] | | If you're interested, Community Fibre is a yes from this website | |
| ▲ | badgersnake 8 hours ago | parent | prev [-] | | I get the same result for A&A, but frankly I trust them more than some random site with (apparently) an axe to grind. | | |
| ▲ | jsty 7 hours ago | parent | next [-] | | https://www.aa.net.uk/etc/news/bgp-and-rpki/ | | |
| ▲ | OJFord 5 hours ago | parent [-] | | And here we are six years on... I have a lot of respect for A&A, but I do find it hard to sympathise with that page. |
| |
| ▲ | tialaramex 8 hours ago | parent | prev [-] | | My hope would be that A&A have a process manually whitelisting the route that made the test fail because in fact (as of course it would be) it's actually deliberately not signed but it is really their route. But on some level that's like assuming the reason the guy with the handgun is on your plane is that he's a sky marshal and not that some idiot let a concealed handgun through security. I mean, sure, maybe, but, maybe not. Without asking it's just a guess and I haven't asked. Maybe I should. | | |
| ▲ | tialaramex 6 hours ago | parent [-] | | And now thanks to jsty's sibling comment I don't have to ask, thanks! It does seem like they've been more than "cautious" enough at this point and should just implement RPKI. |
|
|
|
|
| ▲ | asveikau 7 hours ago | parent | prev | next [-] |
| I got a fail on T-Mobile USA. It seems in the full list that T-Mobile is listed as both passing and failing. |
| |
| ▲ | RyJones 7 hours ago | parent | next [-] | | T-Mobile consists of at least five distinct networks depending on when your carrier was purchased, last time I was talking with some of the network security guys in Factoria. It’s been four years - they may have converged some of them. | | |
| ▲ | Melatonic 4 hours ago | parent [-] | | Also failing here in the Los Angeles area. Used to be on Sprint before the acquisition. Probably location dependent | | |
| ▲ | asveikau an hour ago | parent [-] | | I got the failure message in San Francisco. Not sure if it makes a difference, but I had a T-Mobile SIM card I bought in Seattle in 2010 and was carrying from phone to phone for years, but I recently replaced the SIM because I heard newer t-mobile SIMs can do better finding 5g coverage. |
|
| |
| ▲ | ck2 7 hours ago | parent | prev [-] | | same T-Mobile USA, AS21928 does NOT implement BGP safely
|
|
|
| ▲ | philipwhiuk 8 hours ago | parent | prev [-] |
| Click show all. Major ISPs like British Telecom (core UK telephony), NTT Docomo (Japan), Vodafone Espana (showing that Vodafone isn't doing it globally), Starlink (showing it's not a old tech problem), Rogers (US ISP) are listed unsafe. I think the 31 is a misleadingly positive picture. |
| |
| ▲ | asveikau 7 hours ago | parent | next [-] | | I thought Rogers was Canadian. | |
| ▲ | hrmtst93837 6 hours ago | parent | prev [-] | | Counting networks passes for journalism, and 31 is noise unless you weight each entry by size and traffic split. A pile of single-homed stubs matters far less than one big transit network, because outages and hijacks bite where traffic concentrates, and that makes the headline number feel brokn rather than reassuring. |
|
