nanog mailing list archives

Re: soBGP deployment

From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Mon, 23 May 2005 12:54:58 -0400


In message <B6DE33ED-0C90-46A1-ACD9-329F10905B0B () muada com>, Iljitsch van Beijn
um writes:


On 23-mei-2005, at 17:39, Randy Bush wrote:

  o with sbgp, the assertion of the validity of asn A announcing
    prefix P to asn B is congruent with the bgp signaling itself,
    A merely signs the assertion in the bgp announcement.

  o with sobgp, the assertion is in an external database with
    issues such as


This is nonsense. Did you even read the soBGP drafts?

In S-BGP the certificates are carried in path attributes, in soBGP in  
a new BGP message. Other than that, they do not differ in this regard.


Randy isn't talking about certificates, he's talking about how you tell 
if a path is legitimate.

                --Steven M. Bellovin, http://www.cs.columbia.edu/~smb

Current thread:

Re: soBGP deployment, (continued)
- - - Re: soBGP deployment Randy Bush (May 21)
    - Re: soBGP deployment Russ White (May 21)
    - Re: soBGP deployment william(at)elan.net (May 23)
    - Re: soBGP deployment Jeroen Massar (May 21)
    - Re: soBGP deployment Russ White (May 21)
    - Re: soBGP deployment Larry J. Blunk (May 23)
    - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Larry J. Blunk (May 23)
    - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Iljitsch van Beijnum (May 23)
    - Re: soBGP deployment Steven M. Bellovin (May 23)
    - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Tony Li (May 23)
    - Re: soBGP deployment Randy Bush (May 24)
    - Re: soBGP deployment Russ White (May 24)
    - Re: soBGP deployment Randy Bush (May 24)
    - Re: soBGP deployment Michael . Dillon (May 23)
    - Re: soBGP deployment Russ White (May 23)
    - Re: soBGP deployment Russ White (May 23)
    - Re: soBGP deployment Edward Lewis (May 23)

(Thread continues...)