I agree that we cannot force this. However, it should be ok if we can specify these policies as best practices or recommendations.
- Shankar K A -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Christopher Morrow Sent: Wednesday, November 16, 2011 10:10 AM To: Shankar K A Cc: Jakob Heitz; Russ White; [email protected] Subject: Re: [sidr] Burstiness of BGP updates On Tue, Nov 15, 2011 at 11:06 PM, Shankar K A <[email protected]> wrote: > I would prefer signed updated over unsigned updates as Jakob suggested. > But strictly speaking, IMO we should only accept signed updates, because it's > the number of AS that we add in the update that we are protecting. > By accepting unsigned update we may accept unprotected path information. > it really is, or was, the intent to permit operators of networks to decide this on their own. They MAY want to prefer unsigned/unknown/notfound/naked prefixes for certain things. It's really not up to us to say, is it? we can SUGGEST that they SHOULD prefer signed over unsigned, but in the end of the day it's on them. _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
