On Thu, Jul 29, 2010 at 4:14 AM, Robert Kisteleki <[email protected]> wrote: > On 2010.07.28. 17:54, Sandra Murphy wrote: >> >> The problem is the possibility that not accommodating legitimate BGP >> updates >> might result in opportunities for bad guys to get around protections. > > IMO that's not the problem. The problem is that we don't want to have > special mechanisms for cases that occur 0.0007% (or is 0.02%?) of the time. > > It's like creating a special shampoo product line for albinos. No offense to > albinos, but it's not really a good idea. It'll fail. > > [0] http://en.wikipedia.org/wiki/Albinism > >> So we need to have some statement of what to do with this legitimate BGP >> update format. And we need some certainty that we aren't introducing >> opportuntities to circumvent the protections of ordinary updates. > > Agree. My suggestion: these announcements are not in scope for SIDR.
pls define 'not in scope', what behavior is expected when a 'sidr compliant' router sees an update with an AS_SET in the path? (drop update? mark as invalid? mark as unknown? mark as valid? something else?) <normal-joe-hat) -Chris > > Robert > >> Protecting the AS_SETs etc is out of scope. >> >> --Sandy > > _______________________________________________ > sidr mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/sidr > _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
