CloudFlare is a service we make use of here on our own website as a means of protecting our server and reducing load. But CloudFlare is slowly expanding into the market with more consumer products with products like Warp. Recently, CloudFlare has released a service called Is BGP safe yet.
The test is quite simple you tap the screen to test your ISP and you will get results to determine whether or not your ISP has implemented RPKI. Now, this is cool but if you’re like most users who received notifications of this news but have no idea what it means let’s jump into it.
What Is RPKI?
Before we can address what RPKI is let’s clearly define what BGP is. BGP is an internet protocol known as Border Gateway Protocol. This protocol is responsible for determing what route your data takes when traveling the internet.
The fundamental issue with this protocol is it is vulnerable to bad actors who can hijack your connection. Let’s say you’re trying to go to Google.com but your ISP routes you to a data center in a common spam country. You could then be sent to an entirely different website without necessarily having any malware on your device its entirelly outside your control.
Infact, Verizon recently knocked off large parts of the internet including my own websites due to their mistake. Now, RPKI is meant to help prevent this it stands for Resource Public Key Infrastructure. What this does is it it enables filtering on the origin network and prefix size. RPKI then says that any more-specific prefix should then not be accepted no matter what the path is.
It Keeps Your Traffic Secure
RPKI prevents bad actors from mishandling routes to try and route you to another website or server. It’s something that all Internet Service Providers should implement to protect their users. Since there is nothing you can do as the customer to protect yourself all you can do is try to publicly shame your ISP to implement RPKI.
Some of these ISPs we all know which one, are more shameless than others and will only jump on board once everyone else does.