BGP Security and PKI Hierarchies (was: Re: Wifi Security)

• Previous message (by thread): BGP Security and PKI Hierarchies (was: Re: Wifi Security)
• Next message (by thread): BGP Security and PKI Hierarchies (was: Re: Wifi Security)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> My issue is that if ISPs  a) only announce networks that they know  
> (for different values of know - but hopefully based on some kind of  
> trust in the RIR's data) they are authorized to announce, and b) took  
> responsibility for the behavior of the paths or prefixes they  
> announce, and the bits that are originated in those paths or  
> prefixes, and took action to stop the bad behavior, the issue of  
> trust paths might not be so critical.

agreed up to the last clause.  but my base concern is not
config problems, but rather intentional attacks on the routing
system.  not to deny that there are config problems, they're
rife and a major pita.  but i suspect that the most agregious
will be dealt with by direct approaches to the security issues,
e.g. ip address ownership, as-path intent, etc.

randy

• Previous message (by thread): BGP Security and PKI Hierarchies (was: Re: Wifi Security)
• Next message (by thread): BGP Security and PKI Hierarchies (was: Re: Wifi Security)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]