soBGP deployment
Randy Bush
randy at psg.com
Sat May 21 18:25:54 UTC 2005
> If you are an operator, would you deploy soBGP or something like it? If
> not, why not.
as smb has said for years, routing and dns are the two largest
vulnerabilities.
something like it, for sure. but i vastly prefer the s-bgp
approach as it maps closely to bgp operational reality, and does
not rely on a published policy database, which we have seen fail
for over a decade, etc.
we should learn from the decade-long problems with the deployment
issues in dnssec, and map routing security as closely as possible
to operational protocol and reality.
randy
More information about the NANOG
mailing list