> The current BGPSEC design chooses to only focus on the protocol on the
> wire, and starts with the attributes that had both an identified threat
> and an existence proof of a reasonable mechanism to address that threat.
BGPSEC:

1. Fails to actually protect the bits on the wire in a way that meets BGP's actual on-the-wire protocol semantics (see the addition of timers to prevent replay attacks).

2. Attempts to add policy to the mix (see the so-called "man in the middle attack") without actually calling it policy.

Given these failures, maybe it's time to start with requirements (rather than a solution) first, and see if we come to a better outcome.

Russ

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
