This week another Radiant Award has been awarded by the Internet Security Research Group, the folks behind Let’s Encrypt. The award puts the limelight on the heroes who make the Internet more secure and trustworthy each day.
The newest Radiant Award winner is Claudio Jeker, who receives the prize for his work of a BGP4 implementation on OpenBSD. This makes me horrendously enthusiastic. Why?
OpenBSD is a open-software based operating system that is focused on being secure and feature complete. It comes with a set of tools that make it ideally suited to be deployed, for instance, as a secure route server in an Internet Exchange Point (IXP). A route server is a service that an IXP can host in order to make the participating network service providers lives a little easier. They do not have to get the routing information from each other, but can simply talk to this piece of centralized infrastructure. OpenBSD allows this type of infrastructure to be build from commodity components in a scalable and secure way.
With a route server in place, an IXP can take additional measures to secure the Internet, namely by taking the MANRS actions.
Ultimately this would not be possible if OpenBSD did not have a rock-solid implementation of the Internet routing protocol (BGP4) – and that is exactly what Claudio developed. And to put a cherry on top, his software fully supports authenticated filtering of routes using a protocol called RPKI. RPKI is yet another critical piece of infrastructure needed to secure the Internet routing system and a way to implement one of the MANRS actions.
Claudio’s work will prove to be an important piece towards a better Internet security.
Want to know more about Let’s Encrypt? Read a comprehensive overview of the initiative – from inspiration to implementation, organization, and execution.