Border Gateway Protocol (BGP) is the postal service of the Internet … when someone submits data across the Internet, BGP is responsible for looking at all of the available paths that data could travel and picking the best route
BGP is an essential Internet protocol. But it has a weakness. It can occasionally go wonky, either by accident or by malicious actions. For example, routing large amounts of Internet traffic through a Russian-government-owned ISP.
The solution is Resource Public Key Infrastructure (RPKI), which cryptographically signs routing information to ensure its validity.
But many ISPs have not yet implemented RPKI. How can I tell if my ISP is using safe BGP?
Cloudflare has launched isBGPSafeYet.com. I can use this free online tool to test if my web requests are subject to RGP hijacking.
What if my ISP is still using unsafe BGP? I can politely reach out to my service provider and ask them to deploy RPKI. If that fails, I can share the news, warning others to stay away from the unsafe provider, like this … Boo Verison/Cellco!
Contrary-wise, if my ISP uses safe BGP, I should praise them, like this … Yay AT&T!
