nanog mailing list archives
Re: BGP to doom us all
From: Vadim Antonov <avg () kotovnik com>
Date: Fri, 28 Feb 2003 22:49:02 -0800 (PST)
Thank you very much, but no. DNS (and DNSSEC) relies on working IP transport for its operation. Now you effectively propose to make routing (and so operation of IP transport) dependent on DNS(SEC). Am I the only one who sees the problem? --vadim PS. The only sane method for routing info validation I've seen so far is the plain old public-key crypto signatures. On 1 Mar 2003, Paul Vixie wrote:
It wouldn't be too hard for me to trust: 4969.24.origin.0.254.200.10.in-addr.arpa returning something like "true." to check whether 4969 is allowed to originaate 10.200.254.0/24. ...at last, an application for dnssec!
Current thread:
- Re: BGP to doom us all Avi Freedman (Feb 28)
- Re: BGP to doom us all Paul Vixie (Feb 28)
- Re: BGP to doom us all Vadim Antonov (Feb 28)
- Re: BGP to doom us all Christopher L. Morrow (Mar 02)
- Re: BGP to doom us all bmanning (Mar 01)
- Re: BGP to doom us all Vadim Antonov (Feb 28)
- Re: BGP to doom us all Iljitsch van Beijnum (Mar 01)
- Re: BGP to doom us all Jack Bates (Mar 03)
- <Possible follow-ups>
- RE: BGP to doom us all Paul Ferguson (Mar 01)
- Re: BGP to doom us all Neil J. McRae (Mar 01)
- Who uses RADB? [was BGP to doom us all] Mark Radabaugh (Mar 01)
- Re: Who uses RADB? [was BGP to doom us all] Neil J. McRae (Mar 01)
- Re: Who uses RADB? [was BGP to doom us all] jlewis (Mar 01)
- RE: Who uses RADB? [was BGP to doom us all] Michael Hallgren (Mar 01)
- Who uses RADB? [was BGP to doom us all] Mark Radabaugh (Mar 01)
- Re: BGP to doom us all Paul Vixie (Feb 28)