I thought I'd mentioned earlier that we may want two different forms of
prefix cert, with with CA and one without. The one without goes in the
routers; the one with CA is used to issue certs to downstreams.
Rationale for the two certs: if a router is badly 0wned, someone can
steal its private key and use it for address hijacking. But that sort
of gross abuse of an entire prefix is likely to be noticed. A CA cert
can be used to issue certs for longer prefixes, i.e., target one
customer, rather than an entire ISP.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb