nanog mailing list archives
Re: BGP to doom us all
From: Bruce Pinsky <bep () whack org>
Date: Fri, 28 Feb 2003 14:37:11 -0800
Jim Deleskie wrote:
Bruce, I agree, while we all need to 'do the right thing' and only announce what we are suppose to, we also need to maintain the right level being paranoid to protect the networks we are responsible for.
Right. And so while authentication and encryption of routing protocol exchanges is a necessary future to insure authenticity, it doesn't and won't absolve providers from the responsiblity of filtering both what they receive and what they transmit.
And ideally, a goal of tying a route filtering mechanism to the authentication mechanism (i.e. adding authorization on top of authentication) would significantly reduce the burden and complexity of maintaining good route filters and thereby increase the chance that providers will implement them.
========== bep
Current thread:
- RE: BGP to doom us all, (continued)
- RE: BGP to doom us all Barry Raveendran Greene (Feb 28)
- Re: BGP to doom us all Steven M. Bellovin (Feb 28)
- Re: BGP to doom us all Sean Donelan (Feb 28)
- Re: BGP to doom us all Bruce Robertson (Feb 28)
- Re: BGP to doom us all Randy Bush (Feb 28)
- Re: BGP to doom us all batz (Feb 28)
- Re: BGP to doom us all Randy Bush (Feb 28)
- Re: BGP to doom us all batz (Feb 28)
- Re: BGP to doom us all Randy Bush (Feb 28)
- Re: BGP to doom us all batz (Feb 28)
- Re: BGP to doom us all Bruce Pinsky (Feb 28)