> How to treat unsigned paths is a matter of policy.

Correct -- but if you're going to, by default, not treat signed routes as primary over unsigned ones, what's the point of the signatures?

> For more security sensitive routes, you may prefer no route
> over an unsigned route. It's up to you.

In whose opinion? Yours or the originator's? Since this is all about making certain you're following the intent of the originator, I'd think the originator's opinion is the one that counts here, not yours.

> I am saying to put that signature into a separate
> connection, so as not to delay the higher urgency
> regular updates.

Sorry, but I don't see how this really helps... What if I'm really lazy, and just never process the signatures? What if I use a route for several minutes, then suddenly realize it's not a valid route? Is it okay to steal 500 people's usernames and passwords, and not 1000? Time is an important element in routing systems, both for convergence and security.

:-)

Russ

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
