On Wed, Oct 06, 2021 at 04:08:00PM +0200, Tim Bruijnzeels wrote:
> Contrary to Route Origin Validation (with ROAs) there is no 'not
> found' state.
I don't think it is helpful to attempt to put BGPsec and ROAs in the
same equivalance class, draw parallels and then conclude that the
'not-found' st
> A fundamental issue that I see is that BGPSec validation only has
> 'valid' or 'invalid'.
just as ROV has: Valid and Invalid.
hard to have other states in a crypto-based validation; though i have
faith that some creative types could come up with something. please
color it magenta :)
and, just
> On 6 Oct 2021, at 12:55, Matthew Walster wrote:
>
> To me, there's two main issues with BGPsec, and that is the memory
> requirement of storing all the published keys, and the CPU impact of signing
> and/or verifying so many things. These are things that may be addressed over
> time with
On Tue, 5 Oct 2021, 10:42 Job Snijders via routing-wg,
wrote:
> If at this point there still are undocumented gotcha's, they aren't
> gonna be found in a vacuum. Lowering barriers (by for example making it
> easier to manage BGPsec in the RPKI dashboard) will increase the number
> of people able
