BGP to doom us all

Bruce Pinsky bep at whack.org
Fri Feb 28 22:37:11 UTC 2003


Jim Deleskie wrote:
> Bruce,
> 
>   I agree, while we all need to 'do the right thing' and only announce what
> we are suppose to, we also need to maintain the right level being paranoid
> to protect the networks we are responsible for.
> 

Right.  And so while authentication and encryption of routing protocol exchanges 
is a necessary future to insure authenticity, it doesn't and won't absolve 
providers from the responsiblity of filtering both what they receive and what 
they transmit.

And ideally, a goal of tying a route filtering mechanism to the authentication 
mechanism (i.e. adding authorization on top of authentication) would 
significantly reduce the burden and complexity of maintaining good route filters 
and thereby increase the chance that providers will implement them.

==========
bep




More information about the NANOG mailing list