route authentication
Joshua Wright
Joshua.Wright at jwu.edu
Tue Jun 4 14:35:40 UTC 2002
I am encouraging my local ISP/consortium (www.oshean.org) to utilize MD5
auth for BGP, but have been unsuccessful so far. The most difficult
challenge I face there is convincing people of the "need" with the lack of a
published exploit that the MD5 authentication would prevent.
So much for best practices. <sigh>
-Joshua Wright
Team Leader, Networks and Systems
Johnson & Wales University
Joshua.Wright at jwu.edu
pgpkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD44B4A73
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73
> -----Original Message-----
> From: Barbara Fraser [mailto:byfraser at cisco.com]
> Sent: Monday, June 03, 2002 7:48 PM
> To: nanog at merit.edu
> Subject: route authentication
>
>
>
> I'm wondering just how many ISPs are using HMAC-MD5 to
> authenticate IS-IS
> route advertisements within their ASs, or MD5 on BGP peering
> sessions? I
> don't need a real number, just a sense of the community. Is usage
> increasing? is it dead? is it regional? etc. Any anecdotal
> info you have is
> appreciated. I don't need names of ISPs, just whether or not these
> technologies are being used.
>
> thanks,
> Barbara
> Barbara Fraser
> Consulting Engineer
> Cisco Systems, Inc.
> Phone: +1 (408) 525-1735
>
More information about the NANOG
mailing list