Per the microphone at SIDR on Friday:

1. Text should be added to strongly recommend that when a route that is about to expire is having an update of the expiration advertised that receiving peers should treat the reception of an update with no other changes to the reachability than the expiration time and signatures as a refresh of the existing route. Implementations supporting temporal tie breaking in path selection should *not* treat the refresh as a new update.
2. Short expiry times are an attack on the routing system, especially boxes with slow signature processors. Routes that will expire "soon" should be refreshed with enough time so that receiving peers can take their own sweet time to validate that a new valid path has been received in spare cycles.

Note that I realize that it is difficult to distinguish between a refresh vs. an update. Suggestion 2 may make poor cryptographic protocol sense. This effectively has BGP holding onto a stale announcement for a period of time until it has validated the route.

-- Jeff
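An added example, not part of the original message and not taken from any BGPsec implementation: a minimal sketch of the receiver-side rule in suggestion 1 and the sender-side lead time in suggestion 2. The `Route` fields, `apply_update`, `needs_refresh` and the sample values are hypothetical, and signature validation is assumed to have completed before `apply_update` is called.

```python
from dataclasses import dataclass, replace
from typing import Dict, Tuple


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: Tuple[int, ...]
    next_hop: str
    expire_time: int             # absolute expiry, in seconds (constructed values)
    signatures: Tuple[str, ...]  # opaque placeholders for the path signatures
    installed_at: int = 0        # local age used for oldest-route tie breaking


def reachability(route: Route) -> tuple:
    """Everything the comparison looks at: all fields except expiry and signatures."""
    return (route.prefix, route.as_path, route.next_hop)


def apply_update(rib: Dict[str, Route], upd: Route, now: int) -> str:
    """Install an already-validated update and classify it.

    If only the expiry time and signatures differ from the installed route,
    it is a refresh: the new expiry and signatures are stored, but the
    route keeps its original age so tie breaking is not disturbed.
    """
    old = rib.get(upd.prefix)
    if old is not None and reachability(old) == reachability(upd):
        rib[upd.prefix] = replace(upd, installed_at=old.installed_at)
        return "refresh"
    # Reachability changed (or no prior route): this is a new update.
    rib[upd.prefix] = replace(upd, installed_at=now)
    return "update"


def needs_refresh(route: Route, now: int, validation_margin: int) -> bool:
    """Sender side: re-advertise while peers still have validation_margin
    seconds left to validate the refresh before the old route expires."""
    return route.expire_time - now <= validation_margin
```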
