rpki vs. secure dns?
Randy Bush
randy at psg.com
Wed May 30 09:43:53 UTC 2012
>> I would also ask people to expand their minds beyond the "it must
>> have a (near-)real-time mechanism" directly coupled to the Control
>> Plane" for a variety of reasons. Such a tight coupling of /any/ two
>> systems inevitably, and unfortunately, will only fail at scale in
>> ways that likely would never have been predicted a priori[1] --
> i think you're paying insufficient attention to this discussion, if
> you think that failure predictions have not already been well made
> with respect to the rover approach to routing security.
rfc 3439, the most complex document about simplicity you can imagine
randy
More information about the NANOG
mailing list