Validating rights to announce a prefix

michael.dillon at bt.com
Fri Aug 15 10:29:25 UTC 2008


> It's hard to switch to a more secure method later on if you 
> start with a less secure one. So, "upgrading" to PKI from 
> something else only makes sense if that previous system was 
> secure enough - but then why would you want to change?

If the delegation information expires, which it should to ensure
that it still is current, then it should not be so hard to upgrade
the security of the system.

As for why, that's so that people will actually start using
the system instead of fretting about who holds the keys to it
all.

Similarly, this should all be about OSS systems, and not touch
any routers or BGP processes at all. It is up to the individual
ISP to decide how they want to use the information and how 
and when they want to push it into their BGP speaking routers.

--Michael Dillon



