>> I agree that some security needs to be deployed. I'm not convinced that it >> needs to be BGPSEC. We've muddled along for many years and never found the >> gumption to actually deploy anything. Must not be important to people. I >> don't get it, but that's the observable behavior. >> >> In any case, this doesn't seem like a research topic. This is pretty >> clearly an engineering issue. > > I don't agree. The engineering solution that SIDR is actively working > (RPKI-enabled BGPSEC) is pumping out standards track RFCs like there's no > tomorrow. The USG has stated intentions of "expediting secure routing work > through the Internet standard process" and "fostering adoption through > government procurement vehicles". > > As an operator this scares the hell out of me, especially considering what > they've designed is largely a system to control "what's routed on the > Internet and by whom". They can't seem to do anything in BGP(SEC) without > introducing the equivalent of "periodic updates", and undoing all the > goodness of things like update packing completely. > > Some serious thinkers working on this problem would be goodness…
I agree, but as you correctly point out, SIDR is an engineering solution. If you dislike that particular solution, you're of course free to propose others. However, the correct forum for engineering solutions is the IETF. Tony _______________________________________________ rrg mailing list rrg@irtf.org http://www.irtf.org/mailman/listinfo/rrg
