On Fri, Nov 4, 2011 at 3:05 PM, Eric Osterweil <[email protected]> wrote: >> you are correct, BGPsec tries to secure the BGP protocol against abuse, >> not protect the internet. the latter is a very worthy goal but a bit >> nebulous. of course an internet draft or two might clarify that. > > This seems like a very pedantic distinction. Having an AS' traffic routed > through an invalid path seems like a BGP protocol abuse to me. So, in that > language, it seems to me that this issue is in scope (i.e. if the path is to > be protected, then subverting it is an abuse). >
oops, also, still not randy, but... there are lots of ways to bend traffic in the wrong direction and still keep bgp data 'the same'. I'm not sure fixing traffic paths is doable in BGP. Do you see a way to do this in BGP? -chris _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
