Re: [sidr] Route Leaks and BGP Security

Mon, 21 Nov 2011 11:53:32 -0800 

>>    o a significant portion of the internet's isps will not publish
>>      peering and customer business relationships,

Randy,
This is very true statement how every last week we have had a number of conversations where the same significant portions of ISPs expressed very great interest in increase their revenues in the context of CDNs.
So to get some money from the large content providers like Akamai or Google they are willing to expose their peering relations just to let those big guys may an intelligent content query redirection.
I do know this is a bit outside of the scope of this WG, but the requirement is common and with addressing one we could perhaps address the other one in one shot.
So if we would propose a solution which only asks to advertise given AS's neighboring ASes by peering to them of course without disclosing any policy one may have .. do you think this would not be a doable proposal ? 

Regards,
R.

> On 2011-11-21 17:57, Russ White wrote:



   o a significant portion of the internet's isps will not publish
     peering and customer business relationships,


You can't secure what you don't tell anyone about. Security is about
allowing others to compare the current state against what the state
should be. What you're asking for is to ask someone else to take some
specific action for you without telling them what that action should be.
An impossibility.


   o ASs are not homogenous, A gives B local peering and international
     transit in frankfurt, but B may have no relationship with A in
     new york, or B may be A's customer in new york, and you will never
     know (and you do not want to see how this is done if you are
     anywhere near a meal)


These can be accounted for in some of the systems that have been
proposed in the past, or are now available.


   o this is just a repeat of the non-sense which wasted years of time
     of the last ietf attempt in this area,


Which is a worse waste of time --designing a solution first, then
fitting the requirements around it, or figuring out what the problem is,
then thinking through possible solutions?

:-)

Russ
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr




_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr

Reply via email to