>> Bottom line question: Why should AS 1 control the length of time AS2 >> is vulnerable to replay attacks by AS' further downstream? > > Because it's AS 1's prefix.
It's AS2's policy. What you're saying is that a downstream AS shouldn't be allowed to have protection against replay attacks for traffic they no longer want to handle because --well, just because. Sorry, I don't agree. Russ
signature.asc
Description: OpenPGP digital signature
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
