Internet failures over the next 3 years - slight tangent
Andrew Lange
alange at ans.net
Tue Jun 22 23:03:53 UTC 1999
On Tue, 22 Jun 1999, Tim Wolfe wrote:
> > - Critical Internet control software and systems
>
> I am not a router vendor, but it seems that adding some sort of auth key to
> BGP (similar to the auth system of OSPF) wouldn't be all that difficult.
> You could specify a key for each peer.
There is already a option in the BGP OPEN message to add authentication on
a BGP session. However, the RFC doesn't specify an authenitcation method
to use. Of course securing the level 4 BGP session without securing the
underlying TCP session is a weakness, so there is a proposal to implement
an MD5 TCP authentication method. Does anyone know the status of this
proposal?
Andrew
---
Andrew Lange
UUNET - Ann Arbor
alange at ans.net
More information about the NANOG
mailing list