On 3 Jun 2015, at 9:04, Ethan Katz-Bassett wrote:
The same folks also followed up that workshop paper with a longer
paper on
the topic:
https://www.cs.bu.edu/~goldbe/papers/sigRPKI.pdf
Thanks to you and to Dale Carter - I was unaware of these papers.
Nonetheless, the risk remains of authorities interfering with the BGP as
they've interfered with the DNS.
I'm very cognizant of the non-trivial effects of route-hijacking, having
been involved in helping get a few of them resolved. Nonetheless, my
natural skepticism leads me to wonder whether we aren't better off with
the problematic, error-prone system we have (not to mention the
enumeration and enhanced DDoS impact of packeting routers doing crypto
for their BGP sessions and which aren't protected via iACLs/GTSM).
-----------------------------------
Roland Dobbins <rdobb...@arbor.net>