Routing Insecurity (Re: BGP in the Washington Post)

Russ White russw at riw.us
Wed Jun 10 13:44:14 UTC 2015


> folk have different threat models.  yours (and mine) may be propagation of
> router compromise.  for others, it might be a subtle increase in disclosure of
> router links.  contrary to your original assertion, the protocol supports both.

The increased disclosure is not "subtle." The alternate -- deploying a new
key to every eBGP speaker in your network while the security of all your
routes is compromised, isn't so "subtle" either. It's a bad tradeoff in
either direction -- typical of solutions that ask the wrong questions in the
first place.

Russ



