nanog mailing list archives
Re: BGP to doom us all
From: "Christopher L. Morrow" <chris () UU NET>
Date: Sun, 2 Mar 2003 18:42:34 +0000 (GMT)
On Fri, 28 Feb 2003, Vadim Antonov wrote:
Thank you very much, but no. DNS (and DNSSEC) relies on working IP transport for its operation.
Doesn't sBGP also have this problem? A catch-22 where you have to have good routing to get good routing? Or did I miss something?
Now you effectively propose to make routing (and so operation of IP transport) dependent on DNS(SEC). Am I the only one who sees the problem? --vadim PS. The only sane method for routing info validation I've seen so far is the plain old public-key crypto signatures. On 1 Mar 2003, Paul Vixie wrote:It wouldn't be too hard for me to trust: 4969.24.origin.0.254.200.10.in-addr.arpa returning something like "true." to check whether 4969 is allowed to originaate 10.200.254.0/24. ...at last, an application for dnssec!
Current thread:
- Re: BGP to doom us all Avi Freedman (Feb 28)
- Re: BGP to doom us all Paul Vixie (Feb 28)
- Re: BGP to doom us all Vadim Antonov (Feb 28)
- Re: BGP to doom us all Christopher L. Morrow (Mar 02)
- Re: BGP to doom us all bmanning (Mar 01)
- Re: BGP to doom us all Vadim Antonov (Feb 28)
- Re: BGP to doom us all Iljitsch van Beijnum (Mar 01)
- Re: BGP to doom us all Jack Bates (Mar 03)
- <Possible follow-ups>
- RE: BGP to doom us all Paul Ferguson (Mar 01)
- Re: BGP to doom us all Neil J. McRae (Mar 01)
- Who uses RADB? [was BGP to doom us all] Mark Radabaugh (Mar 01)
- Re: Who uses RADB? [was BGP to doom us all] Neil J. McRae (Mar 01)
- Re: Who uses RADB? [was BGP to doom us all] jlewis (Mar 01)
- RE: Who uses RADB? [was BGP to doom us all] Michael Hallgren (Mar 01)
- Re: Who uses RADB? [was BGP to doom us all] Richard A Steenbergen (Mar 01)
- Who uses RADB? [was BGP to doom us all] Mark Radabaugh (Mar 01)
- Re: BGP to doom us all Paul Vixie (Feb 28)