The Internet Society has been working on Mutually Agreed Norms for Routing Security (MANRS) for a few years, and they recently funded some industry research to gain insights into network operators’ and enterprises’ requirements and plans around routing security.
The report itself is definitely worth a read (see references below). Particular results that I think are of interest for both MANRS and URSA are:
- that enterprises are also concerned about address spoofing and route hijacking; and
- the apparent disconnect between operators’ expectations of customers’ routing security interests and the enterprises expressed willingness to prefer network services that provide better security.
The first should be a really important driver for getting operators to step up and implement the best practices that are at the heart of MANRS. Also, it should help focus attention and interest in URSA’s efforts to get agreement on rational next steps in selecting and deploying routing security technologies.
The second is a bit of a puzzle, but perhaps best interpreted as an opportunity for operators to understand that customers are interested and willing to pay to support the right thing being done.
The Internet Society overview of the report is here: https://www.routingmanifesto.org/resources/research/
The full report itself is available here: https://www.routingmanifesto.org/wp-content/uploads/sites/14/2017/09/451_Advisory_BW_MANRS_InternetSociety_10375.pdf