At 6:36 PM -0500 1/17/12, Eric Osterweil wrote:
...
2 - How do we envision the process of an AS getting its own private
key information installed on all of its routers?* Without _these_,
updates cannot be signed...
BGPSEC allows for a per-AS key pair or a per-router key pair.or anything
in between. Thus, if an AS has routers in locations that the AS
operator considers physically insecure, it can choose to have those
routers be individually keyed, while having a shared key pair for
other routers.
Yes, this design may require routers to have access to a fairly large
number of PUBLIC keys for routers/ASes.
Steve
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
