>> In these use cases, what breaks if we allow two ROAs to co-exist in the >> system (one authorizing the customer AS and one authorizing the proxy AS >> to originate the prefix) _much before_ the attack (or storm) takes place? >> After all, this is a valid business relationship. Choose your pill wisely. > > Is't this already allowed ? I don't think we need to change anything for > this to work.
I think that's the point. Going back to Randy's original message, the point is that if you can plan ahead, then there's no issue here. The only problem arises if you need to authorize someone at the last minute, which, as Randy points out, is not really a solved problem. --Richard _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr