George Michaelson wrote: > > On 26/11/2008, at 2:43 PM, Randy Bush wrote: > >> 1, 2, and 4 are uninteresting to me, not worth the additional complexity. >> >>> 3. I have been allocated 203.10.60.0/22. I wish to ensure that any more >>> specific advertisement of this prefix is unauthorized. If I generate a >>> BOA for 203.10.60.0/23 AND 203.10.62.0/23 then my intention is clear. >> >> ROA 203.10.60.0/22-22 >> >> the owner of the prefix has spoken. that is what may be announced and >> that is all that may be announced. >> >> as nw once said "i did not leave that out because i ran out of ink." >> >> randy >> _______________________________________________ > > In the context of BOA, you complained Randy, that a BOA compelled people > lower, more specific to issue ROA to override the BOA. you complained, > that they are unnecessarily brought into the process and cannot exist as > non-secured routing people, unless they do this. You complained about > the compulsion element. > > But, your statement above COMPELS any more specific, to issue a valid > ROA, to prove their routes are acceptable.
if the owner wanted to allow longer prefix(es) to be announced, they could have issued roa(s) for the longer prefix(es). yes, once you have secured a prefix, longer matches must also be secured. this is a good thing. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
