including sidr -- Jakob Heitz.
On Mar 28, 2012, at 11:57 PM, "Jakob Heitz" <[email protected]> wrote: > This can be done. > Like I said before: aggregate the signatures of the paths being aggregated. > String all the signed paths together (after wrapping them with a header), add > your SKI and destination AS (as normal) and sign over the lot. > > Question is: does anyone want to? > > -- > Jakob Heitz. > > > On Mar 28, 2012, at 11:17 PM, "Tony Li" <[email protected]> wrote: > >> >> On Mar 28, 2012, at 2:09 PM, Robert Raszuk wrote: >> >>>>> * Continue to call as_aggregate and still generate AS_SET >>>>> effectively depreciating RFC6472 (quagga approach) >>>> >>>> Generating sets is the safest thing to do. >>> >>> Glad you said this. I do agree. >> >> >> Understood, but how do you ever secure this? Set SIDR aside for a second, >> what would ANY path verification mechanism have to do to secure the full >> path? >> >> It would seem that the ONLY thing one could reasonably do is to describe the >> full topology, and that would seem to require the ability to describe an >> arbitrary tree, not just a set of vectors of paths. >> >> Tony >> >> _______________________________________________ >> Idr mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/idr > _______________________________________________ > Idr mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/idr _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
