On Wed, Dec 19, 2012 at 12:33 PM, Pradosh Mohapatra (pmohapat) <pmoha...@cisco.com> wrote: > In these use cases, what breaks if we allow two ROAs to co-exist in the > system (one authorizing the customer AS and one authorizing the proxy AS
the system already permits multiple ROA's for the same prefix, right? > to originate the prefix) _much before_ the attack (or storm) takes place? > After all, this is a valid business relationship. Choose your pill wisely. the concern, for the dos-mitigation and really for the flashcrowds as well (same thing in the end, "Oops, server go boom, move service to more-servers-r-us!"), is the lack of prior relationship and thus lack of existence of a new ROA. -chris (course, I could have missed your question entirely) _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr