On Feb 3, 2011, at 10:47 AM, Stephen Kent wrote: > > I'm a bit puzzled by your final comment above. > > Path secruity includes the origin AS, and the RPKI is the mechanism adopted > by SIDR to validate the origin AS assertion for an AS path. So, in that > sense, more extensive path secruity approaches will rely on the RPKI, at > least for the origin AS. > > I have assumed that folks planned to take advantage of the ASN assertions in > RPKI certs in support of path security mechanisms, in some form. (For origin > AS verification we need only the address assertions in certs, but we have > always described the RPKI as encompassing both address and ASN allocations.) > > I think reliance on the RPKI for validated assertions re both types of > resources is appropriate for path secruity, irrespective of the mechanisms > used to verify As path info.
I agree with everything you say in the text above - I'm merely referring to the WG charter issues that quelled previous discussions of path _anything on this mailing list and in this working group in the past. I trust I don't need to provide references.. -danny _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
