> Personally, I'm leery of making Internet routing dependent on ntp so > would prefer the requirement be no weaker than the following proposal: > > 3.xx A BGPSEC design MAY be dependent on network services other than > BGP (e.g., ntp) but SHOULD attempt to avoid such a dependancy.
if we want crypto level assurance, do you have a suggestion other than x.509, which depends on low precision time? for x.509 level assurance, what kind of precision does one actually need? my guess is on the order of hours. so we may not want to specifically abjure ntp, but rather express some bounds on the precision one wants. btw, from talking to largish operators, ntp is on all non-trivial routers. heck, it's even on 2511s i use for some remote oob serial craft port access. i am less sure of customers' edge routers. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
