Re: Whitehouse Tackels Cybersecurity

[Iljitsch van Beijnum <iljitsch () muada com>]

On Wed, 18 Sep 2002, Steven M. Bellovin wrote:

> See http://www.whitehouse.gov/pcipb/

Wow, we should all start using out of band management. Anyone think it is
feasible to do management of an IP network exclusively out of band?

And BGP should be more secure. What is the problem we should be trying to
fix here? There is a "Secure BGP" draft:
http://www.ir.bbn.com/projects/sbgp/draft-clynn-s-bgp-protocol-00a.txt

Implementing this may make BGP very secure, but it will make the internet
as a whole much less reliable because routing will no longer be a function
that can be performed autonomously by routers, but something that's tied
into a global (public key) infrastructure. An infrastructure that depends
on routing to work... Hello circularity.

I read solutions (well, avenues for possible solutions) without a good
indication of what the problem is. (That goes for both the Secure
Cyberspace and S-BGP drafts.)