>     +--3--+
> 1--2       5
>     +--4--+
>
> Where 1 is originating a route towards 2, and 2 towards 3 and 4. If the
> link between 2 and 3 fails, or 2 changes its policy, it must wait the
> duration of 1's timer before being assured 3 cannot continue to
> advertise the route.

that is why beaconing is said to provide only a certain measurable and
controllable freshness guarantee. no surprise there.

> From 2's perspective, it has no ability to control the speed at which
> it can effectively implement policy or prevent replay attacks.
>
> This is unacceptable. The timer must be per hop.

would you explain why this would reduce the window? e.g., if 2 signs
with a time and 3 signs with a time, 3 can still replay within 2's
window, which one presumes is about as wide as 1's window. no gain,
non-trivial pain.

randy
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
