I stand corrected. Good idea. If I understand it right, the presence of a BGPSEC signature AND the absence of a provenance signature signals that the prefix has left the set of AS's that are contracted to provide it reachability.
-- Jakob Heitz. > -----Original Message----- > From: Brian Dickson [mailto:[email protected]] > Sent: Tuesday, November 22, 2011 9:17 AM > To: Jakob Heitz > Cc: sidr wg list > Subject: Re: [sidr] Route Leak fix: V free routing > > On Tue, Nov 22, 2011 at 12:11 PM, Jakob Heitz > <[email protected]> wrote: > > That's like making the British drive on the right: you can not > incrementally deploy. > > I don't understand your comment - can you be more specific and > precise? > > What can you not deploy incrementally? > > BGPsec? An end-to-end BGPsec secured path? > > Or are you talking about adding this to the spec - clearly this > would be incompatible with BGPsec implementations that didn't have > it. > > If the latter, note: the deployed set is currently the null set, so > your argument is moot. > > Brian _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
