Brian, Thanks, this helps a lot.
The fact that the goal of the design you offered is path feasibility, vs. path traversed validation, was a critical missing element.
Combined with the origin validation, you get everything you need.
not as per the WG charter and the requirements doc, which state that path feasibility approaches are not adequate.
(Contrast this with the risk of exposed on-router private keys, where literally _any_ AS-path could be forged via the AS of that router, off-axis.)
Not quite true, as I explained in my analysis of your attack example. Steve _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
