>> so, i think you are referring to >> >> As core BGPsec-capable routers may require large memory and/or modern >> CPUs, origin validation based on the Resource Public Key >> Infrastructure (RPKI), [RFC6811], will occur over some years and >> BGPsec will start to deploy after that. >> >> as rpki is deployed to a fair extent, origin validation is baked into >> current routers, and bgpsec in the core will require bigger hardware, OV >> before BGPsec would seem to be the sequence. >> >> otoh, your last statement is true, an operator will have to set up rpki >> data before deploying either origin validation or bgpsec. rpki is >> needed for both. >> >> so i am not sure what you are suggesting i do. > > I was suggesting re-wording so that the text cannot be read so > as to mean "don't bother with BGPsec until the entire world has > finished deploying OV." > > Maybe: > > As core BGPsec-capable routers may require large memory and/or modern > CPUs, origin validation based on the Resource Public Key > Infrastructure (RPKI), [RFC6811], will occur over some years and, > once origin validation has been deployed at an AS, then BGPsec > can start to deploy in that AS. > > Though I'm not sure that's precisely right either.
ok, how about Origin Validation based on the Resource Public Key Infrastructure (RPKI), [RFC6811], is in its early phases. As BGPsec, [I-D.ietf-sidr-bgpsec-protocol] may require larger memory and/or more modern CPUs, it expected to be deployed incrementally over a longer time span. BGPsec is a new protocol with many operational considerations which this document attempts to describe. As with most operational practices, this document will likely evolve. i am still not in love with it. longitudinal study: how has the distribution of draft word count pre and post iesg review changed over time? for research papers, there is considerable pressure to be terse to get one's content into restricted page limits. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
