Earlier, Scott Brim wrote:
% Nice start. Let's see if I can add anything ...
%
% A) Host changes
%
% - The system will need to be robust in the face of incorrect or
% malicious host changes. There can be incorrect or malicious router
% changes but ISPs understand the risks and the defenses better than
% destination hosts would.

I disagree that ISPs are inherently more security aware -- some are and some aren't, just as some end sites are more security aware than others. Under IETF rules, any IETF standard needs to be robust from a security perspective -- whether that involves changes one place or another. So I'd rate that as an important evaluation topic, but not inherently advantageous either way.

% - The business model is difficult, because end system stack providers
% would not see an immediate benefit from implementing and pushing the
% changes.

The business model might or might not be difficult, because whether OS implementers would see an immediate benefit (or a sufficient benefit which is the real question, IMHO) will vary with the details of the specific proposal. So again, I'd rate that as an important topic, but not inherently advantageous either way.

Both of those said, I do still think it likely that I missed some +/- items somewhere. In any event, it is good that you raised those issues so folks can mull them over. :-)

One of the other things for folks to consider is that with router changes there actually are more than 2 router vendors who implement BGP and also have non-trivial deployment. So having an implementation from one (or two) router vendors, but not more, is a potential deployment issue for a router-only approach.

I'm open minded about all of this. My main goal is to try to encourage a full evaluation of all of the alternatives, rather than any form of premature decision.

Cheers,

Ran
[EMAIL PROTECTED]
