Re: NWW: Fix to Chinese Internet traffic hijack due in January

[Bill Woodcock <woody () pch net>]

On Dec 8, 2010, at 10:13 AM, Eugen Leitl wrote:
> http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/news/2010/120710-chinese-internet-traffic-fix.html&pagename=/news/2010/120710-chinese-internet-traffic-fix.html&pageurl=http://www.networkworld.com/news/2010/120710-chinese-internet-traffic-fix.html&site=printpage&nsdr=n
> Fix to Chinese Internet traffic hijack due in January

FWIW, I was fairly unhappy with how PCH was portrayed in the article...  That was the product of a very long interview, 
and we certainly didn't suggest that the Prefix Sanity Checker was an _alternative_ to RPKI.  I very much think routing 
security is a critical issue, the Prefix Sanity Checker was a baby-step in that direction, which will help some people 
some of the time; tools that perform a cryptographic verification of RADb-style origin and transitive-path assertions 
are the obvious next step, and I'd very much like to see them developed.  It does seem to me, and a lot of people 
who've talked with me about it, however, that using existing cryptographic methods on top of existing routing-policy 
methods, would get us further, faster, than trying to cook up some whole new single-purpose protocol from scratch.  
That was the essence of the interview I gave, and I don't think that message made it through into the finished article 
very obviously.

                                -Bill

Attachment: PGP.sig
Description: This is a digitally signed message part