Timothy Brown wrote:
I disagree with the view that it is a hack.
It's no more a hack than using a DNS feed;
I concur with this. Besides, from the pragmatic side of the "consumer",
if it does solve a problem (albeit short or medium term) I don't care
much if it's a "hack".
Hint: all this bogon or related filtering is not a long-term solution.
We need it now, but the long term solution is some kind of
authentication that will allow only the rightful owner of a block to
This I completely agree with. The correct future solution is authentication of
network ownership of ip block with proper digital signatures (in fact I
think I put on completewhois website). Its too bad S-BGP does not seem to
be have futher development and more support. And I reject the idea that
not enough memory is a big problem for deployment - the memory on PCs is
really cheap now and the router vendors can easily develop routers with
1GB or RAM or more when needed and protocol can be done in a way that
signatures are complimentary/optional and not required so as to support
PS. I have lots of ideas in this area, I'd love to know where to send them
all, I don't see any discussion on any public mailing list about S-BGP.