[ let me save mic time and just say what i said to the idr list ]
i do not think this will fly in the long run, but let my try to at least
get it in the best light.
o it could and should be said in a page or so in order that people can
get it and think it is simple and not imposing
o it assumes gao-rexford, which we know is an unsafe assumption, but
wtf, it's good in enough cases that we can let it go for the moment
o the relationship has to be per prefix not per link, as prefixes with
different business models are often sent over the same link
o the mark should be determined by the sender, and need not agree with
the receiver's perception of the relationship
o if the receiver does not like it they can call the sender on the
phone, drop the announcement, whatever
o this is a significant change to bgp, so idr should be asked to say
it's cool before sidr tries to protect it by signing over it
o if it is agreed by idr and it is well defined, we know how to sign
it in bgpsec, it's like a few more bits on each hop in the as path
o as with origin validation and path validation, the router should not
do anything on its own, but rather should provide the operator the
tools needed to apply policy based on the data
o therefore, to use it, the router will have to give the operator some
sort of expression over the catenation of the per-as policy markings
o but what should an operator do when they see a 'violation' six hops
away?
randy
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
