>> would be interestd to hear from other ops if they believe they could >> get the folk managing spares to pre-key in a useful way. > no way that'll happen 'reliably'.
agree > though I contend you have time between 'card fail' and 'router back to > normal' to ship a key in the ether/ssh to the device too. by the time the replacement re is sufficiently on net to create and send a public key to the noc for signing and publishing, the router is up and has at least some routing data. so the subsequent publication delay would be a critical path delay (in the pert sense) to full, i.e. bgpsec, use. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
