The current duplicate RPKI object detection isn't strict enough. Malicious repositories could cause collisions of malicious objects with benign objects, invalidating those benign objects. Ideally duplicate detection should be done at the level of file hash.
The current duplicate RPKI object detection isn't strict enough. Malicious repositories could cause collisions of malicious objects with benign objects, invalidating those benign objects. Ideally duplicate detection should be done at the level of file hash.
Also see #28.