[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] interesting presentations from RIPE



Ran,
> % If this is true (and I wouldn't be surprised), how would LISP
> % or any other proposal without added security features help here?
> %
> % Even though LISP, Six/One, etc helps to make aggregation easier,
> % would ISPs still de-aggregate for the security reasons?
>
> My understanding is that the IETF's SIDR WG is chartered to address
> the issue of authentication and authorisation for routing prefix
> advrtisements in the inter-domain context.
Exactly. More generally, we have a number of different reasons for
de-aggregation, and for our problem to go away, we have to have
something for each (significant) reason.

There is indeed work in the SIDR WG and in the RIR and operator
communities in securing routing advertisements. But it needs to be
deployed. Also, if we come up with a "split" routing model where there
are "core" and "edge" routing tables, we need to provide the security
mechanisms currently being developed to both of these parts.

Jari


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg