the problems being solved -- or not

Tony Li tony.li at tony.li
Wed May 25 05:20:54 UTC 2005




Pekka,

First of all, if you are assuming that NO ISPs make use of prefix
filters, then you would be incorrect.  There are those that try very
hard to make use of such filters.  However, we do not have 100%
deployment of those filters.

Since we will never see 100% deployment of such filters, we will
continue to have mistakes or attacks floating around within the routing
system.  For the ISPs that are sufficiently concerned, it would be very
nice if they could have an automated mechanism that could authenticate
the information that they've received via BGP.  Not all ISPs will enable
this mechanism either, but some will, and they and their customers will
gain some advantage by doing so.

Just because this mechanism will never see 100% deployment is not a
reason to discard the remainder of the benefit that can be had.

> And managing the certificates, processing them, ...., would be
> significantly easier?

Yes, since more of this can be reasonably automated in a general way,
rather than a set of ad hoc hacks.

Tony




