>>> This is what "6.6 Proxy Signing" in
>>> draft-sriram-bgpsec-design-choices suggests, is it not ? Or does
>>> that blow the trust model to hell, also ?
>> it does indeed. that is why 6.6 was rejected.
> Ah. There I was, reading a draft of 5-Jul-2011 and thinking I was up
> to date :-(
sriram's document represents the design team's thought processes, and
therefore includes things which were rejected in the design.
the bgpsec protocol documents are, i think, still are
draft-ietf-sidr-bgpsec-overview-00.txt
draft-ietf-sidr-bgpsec-protocol-00.txt
> OK. If the RS ASN is in the path, then nobody needs to depend on the
> integrity of the RS (however trustworthy one may expect them to be).
bingo!
> I look forward to the ASN count mechanism appearing in the draft(s),
> and support for Route Servers making its way into the Requirements.
i am still selling my hack to the design team.
randy
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
