This probably doesn't suck as an idea.
One of the shortcomings of as-sets in RPSL was that there was no forward
security when including as-sets. In other words, anyone could include
any other AS or as-set in their own as-set. This allowed a good degree
of flexibility, but could also create hilariously obnoxious results, for
example the time that someone included AS-SET-INEX-RS in their own
as-set, then did an AS7007 job towards INEX's route servers. Much code
was written in anger that day, oh yes, there was.
Anyway, if there were moves to think about whether it would be possible
to include some form of inclusion authorisation mechanism, that would
solve some actual problems.
Nick
_______________________________________________
GROW mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/grow
