Routing Insecurity (Re: BGP in the Washington Post)

• Previous message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Next message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 09 Jun 2015 19:09:45 -0400, David Mandelberg said:
> I don't think there's an update issue here. The crypto verification is
> probably going to be deferred in addition to being low priority. If I
> understand it correctly, this means that a route can be passed along
> right away without waiting for the crypto checks.

Forward the route and then check it?

Didn't we have a very amusing afternoon a number of years ago when $VENDOR
did exactly that with some invalid routing data? Or am I mis-remembering
history, and therefor doomed to mis-repeat it?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20150609/c3c00141/attachment.sig>

• Previous message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Next message (by thread): Routing Insecurity (Re: BGP in the Washington Post)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]