Installing RPKI Relying Party Software

In this post I outline the installation of the most popular RPKI relying party (RP) software implementations on Debian 10 (Buster). These installation instructions are primarily for my own reference, but others may find this useful. I take inspiration from Tashi Phuntsho’s How to: Installing an RPKI Validator. The primary differences include updated software, an installation tailored for my specific purposes, and some additional configuration detail. Undoubtedly my installation may not be ideal nor necessarily even well suited for general use. Read more...

New jtk WWW home

I’ve never been particularly satisfied with any web page hosting solution. For years I resorted to maintaining my own simple HTML (i.e. no CSS). If not a little lame and somewhat messy to maintain, this worked more or less fine for me for many years. Now, with the proliferation of handheld devices such as mobile phones, my basic HTML pages are even less appealing to look at and navigate. There are numerous frameworks, templates, and themes with which to build and maintain web pages. Read more...

FIRST.org DNS over TCP survey

I recently repeated the DNS over TCP survey given to the REN-ISAC community with the FIRST community. FIRST membership is largely made up of incident response teams from around the globe. All types of industry sectors are represented within FIRST such as national CSIRTs, banks, governments, and software vendors. I thought it might be interesting to repeat the survey with a security community where there may be some, but relatively little overlap in membership. Read more...

REN-ISAC DNS over TCP survey

In April of this year I conducted an informal two-question survey aimed at the general membership population of the REN-ISAC community. The intent was to gather personal positions and associated member institution stances on DNS over TCP (i.e. should it be filtered, restricted, or unfettered). I was interested in gathering Internet community perceptions after a recently submitted Internet-Draft on DNS Transport over TCP was adopted by the IETF dnsop working group. Read more...