Wasn't there a proposal along the lines of: Create an attribute that says: "I authorize you to announce this route to your provider" The originator and all transited ASes must sign it. Any AS can remove it. If you receive an update without it (but with a bgpsec) from a customer or peer, then human intervention is required before accepting it. This way, human intervention occurs before the problem, not after.
What happened to that proposal? Was it Brian Dickson? -- Jakob Heitz. _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
