On Nov 10, 2012, at 12:24 PM, Tony Li wrote: > >>> We still have the same old kludgy BGP global routing system we always had, >>> and _nothing_ has been proposed to improve/replace it. > > Blatantly not true. There's this thing called NIMROD that has been proposed > to replace it. Perhaps you've heard of it? ;-)
That's Noel's comment, I suspect hes got some perspective on that :-) > I agree that some security needs to be deployed. I'm not convinced that it > needs to be BGPSEC. We've muddled along for many years and never found the > gumption to actually deploy anything. Must not be important to people. I > don't get it, but that's the observable behavior. > > In any case, this doesn't seem like a research topic. This is pretty clearly > an engineering issue. I don't agree. The engineering solution that SIDR is actively working (RPKI-enabled BGPSEC) is pumping out standards track RFCs like there's no tomorrow. The USG has stated intentions of "expediting secure routing work through the Internet standard process" and "fostering adoption through government procurement vehicles". As an operator this scares the hell out of me, especially considering what they've designed is largely a system to control "what's routed on the Internet and by whom". They can't seem to do anything in BGP(SEC) without introducing the equivalent of "periodic updates", and undoing all the goodness of things like update packing completely. Some serious thinkers working on this problem would be goodness... -danny _______________________________________________ rrg mailing list rrg@irtf.org http://www.irtf.org/mailman/listinfo/rrg
