This is an old draft on which I'm holding a DISCUSS. Please change me to a no-ob conditional on the following change to the security considerations section via an RFC Editor's note: BGP by allowing the potential for ^man-in-the-middle, session-hijacking, or^ denial of service... (This issue was raised in my original DISCUSS.)