nanog mailing list archives

Re: soBGP deployment

From: Randy Bush <randy () psg com>
Date: Tue, 24 May 2005 13:55:22 -0400

the certificates are carried ... in soBGP in a new BGP message.

btw, am i supposed to be cheered by yet another overloading of bgp?

Since S-BGP overloads signatures into the current packet formats, destroys 
packing, and destroys peer groups, I'm not certain that you can make the 
claim that S-BGP has a "lower impact" on BGP than soBGP does.


then i guess i am very lucky not to have made such a claim.

the point is that sbgp's changes, while more than one might prefer,
are made so that congruent data, path attestation, can be carried
in-band.  i consider the trade-off worthwhile for the seriously
improved security, which is the point of the exercise.

randy

Current thread:

Re: soBGP deployment, (continued)
- - - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Larry J. Blunk (May 23)
    - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Iljitsch van Beijnum (May 23)
    - Re: soBGP deployment Steven M. Bellovin (May 23)
    - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Randy Bush (May 23)
    - Re: soBGP deployment Tony Li (May 23)
    - Re: soBGP deployment Randy Bush (May 24)
    - Re: soBGP deployment Russ White (May 24)
    - Re: soBGP deployment Randy Bush (May 24)
    - Re: soBGP deployment Michael . Dillon (May 23)
    - Re: soBGP deployment Russ White (May 23)
    - Re: soBGP deployment Russ White (May 23)
    - Re: soBGP deployment Edward Lewis (May 23)
    - Re: soBGP deployment Michael . Dillon (May 23)
    - Re: soBGP deployment william(at)elan.net (May 23)
    - Re: soBGP deployment bmanning (May 23)
    - Re: soBGP deployment Daniel Golding (May 23)
    - Re: soBGP deployment Jeroen Massar (May 23)
    - Re: soBGP deployment bmanning (May 23)

(Thread continues...)