In your previous mail you wrote: Sure, SEND/CGA is cool. => please note if SEND protects you against attacks, it does nothing against a configuration error, i.e., it doesn't protect against trusted junk infos. Regards Francis.Dupont at fdupont.fr PS: technically the part of SEND used for RAs is a PKI, in fact the RPKI, not the CGA part.