On Thu, Dec 14, 2017 at 05:12:52PM +0000, Smith, Donald wrote: > I don't see anything around MD5/TCPAO authentication. > > >From https://tools.ietf.org/html/rfc6198 > > " Security considerations MUST be addressed by the proposed solutions. > In particular, they SHOULD address the issues of bogus g-shut > messages and how they would affect the network(s), as well as the > impact of hiding a g-shut message so that g-shut is not performed." > > I may have missed it somewhere?
I have trouble parsing this requirements text. What makes a "bogus g-shut" a "bogus g-shut"? How is 'hiding' (I interpret this as 'removing the gshut community) a g-shut any different than the other BGP speaker not supporting g-shut? How is any of this different than NO_EXPORT or NO_ADVERTISE? Kind regards, Job _______________________________________________ GROW mailing list GROW@ietf.org https://www.ietf.org/mailman/listinfo/grow