soBGP deployment
Steven M. Bellovin
smb at cs.columbia.edu
Mon May 23 16:54:58 UTC 2005
In message <B6DE33ED-0C90-46A1-ACD9-329F10905B0B at muada.com>, Iljitsch van Beijn
um writes:
>
>On 23-mei-2005, at 17:39, Randy Bush wrote:
>
>> o with sbgp, the assertion of the validity of asn A announcing
>> prefix P to asn B is congruent with the bgp signaling itself,
>> A merely signs the assertion in the bgp announcement.
>
>> o with sobgp, the assertion is in an external database with
>> issues such as
>
>This is nonsense. Did you even read the soBGP drafts?
>
>In S-BGP the certificates are carried in path attributes, in soBGP in
>a new BGP message. Other than that, they do not differ in this regard.
Randy isn't talking about certificates, he's talking about how you tell
if a path is legitimate.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list