>> Is it really that complex? > (not really aimed at russ) > > is the never-ending rathole of 'what are we trying to protect' really > required on-list? I think the most simple case we care about is: "Is > the routing system telling us what it is supposed to?" Or rephrased > some: "Did the route injected at the source get faithfully reproduced > down the line to the receiver?"
But SIDR is currently saying that as long as the route was injected correctly a week or two ago, "it's all good." Sorry, but I disagree. It's not "all good." Security compares what the state currently looks like to what the state should look like. If "what the state should look like" could be a week old, and you've ruled out "intentions" (which really rules out what the system should look like), then you've ruled out "security." Russ _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
