Phillip Hallam-Baker wrote:
>> There is a big difference in real engineering (i.e. outside a
>> university) between a solution that only addresses part of a problem
>> and one that is 'useless'.
Perhaps, you don't recognize the fact that BGP routing is global.
>> In observed attacks and in simulations, the IP-AS number attack is
>> much more significant than the routing layer attack in most
>> circumstances.
I'm not sure what are the IP-AS attack and the routing layer attack
and whether you are worrying about attacks today or year 3010.
So, before continuing discussion, I think you should write a draft
precisely defining problems including the attacks. The draft may
be more than 100 pages long.
It should be noted, however, that, it is likely that I point out the
attacks are identical, if I have enough time to read everal lines of
the draft. Note that:
A Profile for Route Origin Authorizations (ROAs)
draft-ietf-sidr-roa-format-06.txt
says:
The primary purpose of the Internet IP Address and AS Number Resource
Public Key Infrastructure (RPKI) system is to improve routing
security.
>> There are many security concerns that BGP security could address. The
>> only concerns for which a BGP security solution is essential is to
>> prevent Denial of Service attacks and to prevent hijacking of IPv4
>> space
The point of previous discussion was that RPKI is useless for such
prevention. Read the ML log.
>> after exhaustion is reached.
With A+P, it will be reached in year 3010 or later.
Masataka Ohta
_______________________________________________
Ietf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf
