nanog mailing list archives
Re: BGP over TLS
From: Bjørn Mork <bjorn () mork no>
Date: Mon, 21 Oct 2019 22:35:58 +0200
Jeffrey Haas <jhaas () pfrc org> writes:
Exactly how the cert lifetime interacts with peering sessions is likely to be several flavors of ugly.
If you pin the key, then there is no reason to care about expiration. You could define the certificate as valid for as long as the pinned key matches. This is similar to what DANE does. Bjørn
Current thread:
- RE: BGP over TLS, (continued)
- RE: BGP over TLS Keith Medcalf (Oct 22)
- Re: BGP over TLS Jared Mauch (Oct 22)
- Re: BGP over TLS Bjørn Mork (Oct 22)
- Re: BGP over TLS Christopher Morrow (Oct 22)
- Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing") Brandon Martin (Oct 21)
- Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing") Brielle (Oct 21)
- Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing") Jeffrey Haas (Oct 21)
- Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing") Brandon Martin (Oct 21)
- Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing") Jeffrey Haas (Oct 21)
- Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing") Brandon Martin (Oct 21)
- Re: BGP over TLS Bjørn Mork (Oct 21)
- Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing") Jared Mauch (Oct 21)
- RE: "Using Cloud Resources to Dramatically Improve Internet Routing" Keith Medcalf (Oct 20)
- Re: "Using Cloud Resources to Dramatically Improve Internet Routing" Valdis Klētnieks (Oct 11)
- Re: "Using Cloud Resources to Dramatically Improve Internet Routing" Karsten Thomann via NANOG (Oct 20)