[EMAIL PROTECTED] wrote:
[..]
Pushing this task off to a server that does not have packet-forwarding
duties also allows for flexible interfaces to network management
systems including the possibility of asking for human confirmation
before announcing a new route.
There is no (direct)
Right. Everyone makes mistakes, but not everyone is malicious.And
the RIRs and the big ISPs are *generally* more clueful than
the little guys and the newcomers. Note also that secured
BGP limits the kinds of mistakes people can make. If I have
a certificate from my RIR for
Is there some way of deploying a solution like Secure BGP without
actually requiring that it go into the routers?
The IETF SIDR wg (shameless plug as I'm wg co-chair) is working on
a way to say with strong assurance who holds what prefixes, and
therefore who can authorize the origination of what