On Fri, Feb 24, 2012 at 3:59 PM, Leo Bicknell <bickn...@ufp.org> wrote: > In a message written on Fri, Feb 24, 2012 at 01:04:20PM -0700, Shane Amante > wrote: >> Solving for route leaks is /the/ "killer app" for BGPSEC. I can't >> understand why people keep ignoring this. > > Not all "leaks" are bad. > > I remember when there was that undersea landside in Asia that took > out a bunch of undersea cables. Various providers quickly did > mutual transit and other arrangements to route around the problem, > getting a number of things back up quite quickly. These did not > match IRR records though, and likely would not have matached BGPSEC > information, at least not initially.
well.... for bgpsec so if the paths were signed, and origins signed, why would they NOT pass BGPSEC muster? I can see that if the IRR data didn't match up sanely prefix-lists/filters would need some cajoling, but that likely happened anyway in this case. -chris