%% You should probably cite rfc9319 instead of this I-D. @techreport{ietf-sidrops-rpkimaxlen-04, number = {draft-ietf-sidrops-rpkimaxlen-04}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpkimaxlen/04/}, author = {Yossi Gilad and Sharon Goldberg and Kotikalapudi Sriram and Job Snijders and Ben Maddison}, title = {{The Use of Maxlength in the RPKI}}, pagetotal = 12, year = ** No value found for 'doc.pub_date.year' **, month = ** No value found for 'doc.pub_date' **, day = ** No value found for 'doc.pub_date.day' **, abstract = {This document recommends ways to reduce forged-origin attack surface by prudently limiting the address space that is included in Route Origin Authorizations (ROAs). One recommendation is to avoid using the maxLength attribute in ROAs except in some specific cases. The recommendations complement and extend those in RFC 7115. The document also discusses creation of ROAs for facilitating Distributed Denial of Service (DDoS) mitigation services. Considerations related to ROAs and origin validation for the case of destination-based Remote Triggered Black Hole (RTBH) filtering are also highlighted.}, }