On 10/08/2011, at 11:06 AM, Danny McPherson wrote:

>
> The discussion of "Beacons" at the last meeting reminds me of EIGRP's
> "triggered updates" v. RIP's "periodic updates" (i.e., cousin of beacons)...
>
> I think Randy successfully convinced me during his talk at the Quebec City WG
> session that "beacons" at a frequency of 24 hours (or anything in the "hours"
> range) are pretty much useless and add considerable churn and complexity with
> little return from a practical attack surface perspective.
>
> With the lifetime of the average phishing site being only ~55 hours (for many
> reasons, I know), and an inclination to believe that infrastructure threats
> are likely to be even more temporal, I'm inclined to recommend that
> beacons be removed altogether in their current incarnation of bgpsec, as
> there are plenty of other scale issues to focus on.
>
> Further study on alternatives, downstream purging issues, and clock skew for
> network elements might be useful in this context. I saw something on the
> DANE list from PHB about vast skew across end systems, wondering if anyone
> has measured this?
>
> Thoughts?
>

Forgive a peanut gallery observation, but are we defining things as useless which we cannot understand in RPKI, because to admit that we don't understand them in RPKI means making RPKI more complex?

-G

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
