> folk have different threat models. yours (and mine) may be propagation of > router compromise. for others, it might be a subtle increase in disclosure of > router links. contrary to your original assertion, the protocol supports both.
The increased disclosure is not "subtle." The alternate -- deploying a new key to every eBGP speaker in your network while the security of all your routes is compromised, isn't so "subtle" either. It's a bad tradeoff in either direction -- typical of solutions that ask the wrong questions in the first place. Russ
