Bruce,
I agree, while we all need to 'do the right thing' and only announce what
we are suppose to, we also need to maintain the right level being paranoid
to protect the networks we are responsible for.
-Jim
Jim Deleskie wrote:
Bruce,
I agree, while we all need to 'do the right thing' and only announce what
we are suppose to, we also need to maintain the right level being paranoid
to protect the networks we are responsible for.
Right. And so while authentication and encryption of routing protocol exchanges is a necessary future to insure authenticity, it doesn't and won't absolve providers from the responsiblity of filtering both what they receive and what they transmit.
And ideally, a goal of tying a route filtering mechanism to the authentication mechanism (i.e. adding authorization on top of authentication) would significantly reduce the burden and complexity of maintaining good route filters and thereby increase the chance that providers will implement them.