> IX are used for optimizing local traffic patterns. Only very few > applications of IX are about Internet peering broker service (but let's > keep those out for the time being).
ixen are used for all sorts of things, including transit. > So if we assume that A wants to give some of his addresses to B & C via > RS why do they need to bother with bgpsec at all ? because A, B, and C have bgpsec speaking customers who want their prefixes protected. > When A advertises it's nets to it's Internet providers yes it will > forward sign it properly so they will be announced everywhere according > to BGPsec rules. it's not just A's prefixes, it's also A's customers' prefixes. > Imagine an IX without RS ... A wants to peer with B and both establish > a peering relation I really see no need why they should get any of > additional security on top of their direct route exchange as B will > not be a transit for A anyway. first, you have no idea whether they are transit or not. the business models across exchanges are quite diverse. second, both A and B have CUSTOMERS. A and B received those prefixes as signed, and A's and B's receiving customers want to receive them via bgpsec. no one's customers want to have their security reduced just because an upstream or more complex business partner uses an exchange point. weakened security does not sell well. randy _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
