The NCSC is currently coordinating a multi-party CVD process. A multi-party CVD process requires broad, multiple coordination with many international parties. This time, a difference of opinion with some developers of RPKI client software arose around this process. Sometimes this is unavoidable, how unfortunate this may be. Given the interests surrounding disclosure and improvement actions, the NCSC chooses to reveal the details about this vulnerability at 3PM CET, Monday November 1st. Partially in coordination with (most) of the parties involved.
Source: Read More (National Cyber Security Centre – News items)