nanog mailing list archives

RE: Validating rights to announce a prefix

From: <michael.dillon () bt com>
Date: Fri, 15 Aug 2008 11:29:25 +0100

It's hard to switch to a more secure method later on if you 
start with a less secure one. So, "upgrading" to PKI from 
something else only makes sense if that previous system was 
secure enough - but then why would you want to change?


If the delegation information expires, which it should to ensure
that it still is current, then it should not be so hard to upgrade
the security of the system.

As for why, that's so that people will actually start using
the system instead of fretting about who holds the keys to it
all.

Similarly, this should all be about OSS systems, and not touch
any routers or BGP processes at all. It is up to the individual
ISP to decide how they want to use the information and how 
and when they want to push it into their BGP speaking routers.

--Michael Dillon

Current thread:

Re: Public shaming list for ISPs announcing other ISPs IP space by mis take Paul Ferguson (Aug 14)
- Re: Public shaming list for ISPs announcing other ISPs IP space by mis take Danny McPherson (Aug 14)
  - Re: Public shaming list for ISPs announcing other ISPs IP space by mis take Sandy Murphy (Aug 15)
    - Re: Public shaming list for ISPs announcing other ISPs IP space by mis take Randy Bush (Aug 15)
- RE: Validating rights to announce a prefix (was: Public shaming...) michael.dillon (Aug 15)
  - Re: Validating rights to announce a prefix Robert Kisteleki (Aug 15)
    - RE: Validating rights to announce a prefix michael.dillon (Aug 15)
  - RE: Validating rights to announce a prefix (was: Public shaming...) Skywing (Aug 15)
    - RE: Validating rights to announce a prefix (was: Public shaming...) michael.dillon (Aug 15)
    - RE: Validating rights to announce a prefix (was: Public shaming...) Skywing (Aug 15)