On Mar 20, 2013, at 7:21 AM, Danny McPherson <[email protected]> wrote: >> Danny - Is there really a "tight coupling" if providers are >> following the recommend BGP origin validation best practices? > > I said BGPSEC...
Got it - the presentation suggests that RPKI poses risks to network reachability due to attack vectors on the certificate infrastructure that impact ROAs, the loss of which may not actually cause reachability issues if people are following best-practices, but would be true if there were a tight-coupling to routing, which there isn't with BGP origin preference, but might be with BGPSEC... I'm not sure I'd use that particular presentation's logic to try to make a point, but it's your example... ;-) /John _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
