Hello, On Wed, Feb 23, 2011 at 8:26 PM, Sandra Murphy <[email protected]> wrote: > It is quite easy for an AS to construct an AS_PATH with the legitimate > authorized origin on the origin end, without every having received such an > announcement from the origin. Without the legitimate origin ever having > actually made the announcement to anyone, even. > > That's why path validation is important. You really would like some > assurance that the origin actually announced the prefix *and* announced it > to the party that appears tp have propagated it onward.
Since my impression so far is that recording the actual route taken by the announcement is not feasible in all cases, is it possible to require only that a party involved can vouch/validate that part of the AS path as correct? So an AS can modify their own part of a path as long as they can say "yes it is correct" when asked, or they can, for example, add another ASN as long as the other AS can say "yes" when asked. The difference is in one case we aim for accuracy and in the other we just need someone (who has the rights) to verify it. My impression is that so far the former is leaned towards. But correct me if I have misunderstood. Dongting _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
