On Mar 18, 2008, at 12:41 PM, Sandy Murphy wrote: >> Second, if a new ROA is required and that information is employed >> directly by the routing system and validated by a protocol such as >> SBGP, would this model require that each routing entry for which >> a ROA exists be readvertised every ~24 hours? > > I don't see why a new ROA would necessitate a new BGP Update. > > Can you say why that would be necessary? > > The Update should still be in the Adj-RIB-In, and the new ROA (absent > changes in authorization, of course) should authorize it as well > as the old ROA.
Ahh, that's perhaps where I'm missing something. So, intermediate systems validate based on the ROA and it has a periodic expire with the associated certificate, doesn't the refreshed certificate need to be propagated each time it's refreshed - if employing such a capability in an inter-domain routing protocol? -danny _______________________________________________ Sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
