Hi,
On Jan 18, 2012, at 12:36 AM, Eric Osterweil wrote:
> 2 - How do we envision the process of an AS getting its own private key
> information installed on all of its routers?* Without _these_, updates
> cannot be signed...
I don't know for a fact, but I expect that the router key pair is created on
the router itself. The private key never leaves it, but the public key can be
exported so that it can be put on a (EE?) certificate signed by the holder of
the AS.
I have to admit though that I am not fully up to speed with all the bgpsec
documents, it's somewhere on my todo list, but my main focus here has been on
publication and validation related matters, not so much bgp and router..
Tim
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
