NWW: Fix to Chinese Internet traffic hijack due in January
Bill Woodcock
woody at pch.net
Wed Dec 8 18:23:46 UTC 2010
On Dec 8, 2010, at 10:13 AM, Eugen Leitl wrote:
> http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/news/2010/120710-chinese-internet-traffic-fix.html&pagename=/news/2010/120710-chinese-internet-traffic-fix.html&pageurl=http://www.networkworld.com/news/2010/120710-chinese-internet-traffic-fix.html&site=printpage&nsdr=n
> Fix to Chinese Internet traffic hijack due in January
FWIW, I was fairly unhappy with how PCH was portrayed in the article... That was the product of a very long interview, and we certainly didn't suggest that the Prefix Sanity Checker was an _alternative_ to RPKI. I very much think routing security is a critical issue, the Prefix Sanity Checker was a baby-step in that direction, which will help some people some of the time; tools that perform a cryptographic verification of RADb-style origin and transitive-path assertions are the obvious next step, and I'd very much like to see them developed. It does seem to me, and a lot of people who've talked with me about it, however, that using existing cryptographic methods on top of existing routing-policy methods, would get us further, faster, than trying to cook up some whole new single-purpose protocol from scratch. That was the essence of the interview I gave, and I don't think that message made it through into the finished article very obviously.
-Bill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20101208/f9787080/attachment.sig>
More information about the NANOG
mailing list