BGP to doom us all
Bruce Pinsky
bep at whack.org
Fri Feb 28 22:37:11 UTC 2003
Jim Deleskie wrote:
> Bruce,
>
> I agree, while we all need to 'do the right thing' and only announce what
> we are suppose to, we also need to maintain the right level being paranoid
> to protect the networks we are responsible for.
>
Right. And so while authentication and encryption of routing protocol exchanges
is a necessary future to insure authenticity, it doesn't and won't absolve
providers from the responsiblity of filtering both what they receive and what
they transmit.
And ideally, a goal of tying a route filtering mechanism to the authentication
mechanism (i.e. adding authorization on top of authentication) would
significantly reduce the burden and complexity of maintaining good route filters
and thereby increase the chance that providers will implement them.
==========
bep
More information about the NANOG
mailing list