bgp protection

at nanog san jose, steve bellovin presented a simple proposal for bgp tcp/md5 re-keying. it is now rfc 4808 "Key Change Strategies for TCP-MD5." this allows us to install and/or roll keys without disturbing the bgp session. and it is trivial for vendors to implement and for operators to use. i

Re: bgp protection

at the end of nanog, i sent two messages. was a minor side note re 204/4 , about which we can all really do nothing for many years. it engendered the thread from hell. was regarding