Hi Dino, On 3/5/15 5:27 PM, Dino Farinacci wrote: >> On Mar 4, 2015, at 6:11 PM, Kathleen Moriarty >> <[email protected]> wrote: >> >> Much of the routing information >> is >> maintained in a database "like DNS". If it *were* DNS, DNSSEC could be >> used >> to address the integrity issues. If it is home grown, some equivalent >> mechanism will be necessary. Why not use DNS? > Because you create a circular dependency. Routing should not depend on > directory at the same time directory depends on routing.
I mostly agree with this point. It is possible to engineer a network such that this doesn't happen, but that increases the effort/planning/management required to successfully manage the system as a whole. > > See LISP-DDT-SEC for mapping database security. Yes.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
