> What I am missing is not whether or not this is BGP, but > whether or not the connection will have the properties of > BGP, of being very short. My suspicion is that the > data will be coming from all over the place, Internet-wide > (as with CRL) and so the security should be Web-like and not > BGP-like; ie TCP-AO will not do.
perhaps long-hop will be a rare case, and you will want your routers to have nearby caches. see draft-ymbk-rpki-origin-ops. remember, the caches talk to each other using object, not transport, security. it's just the final hop to the router that we're talking about here. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
