On 2020-04-22 12:51, Andrey Kostin wrote:
BCP38 website doesn't proclaim anybody in person to be unsafe, but if it would be possible to make such test it'd be more useful than that RPKI test. BTW, has anybody yet thought/looked into extending RPKI-RTR protocol for validation of prefixes received from peer-as to make ingress filtering more dynamic and move away prefix filters from the routers?
Do you really want those things in soft-state and not with some giant operational buffer to absorb all the brokenness that's sure to arise?
-danny
