>ok. How about: >Each AS signs it as having passed it along, just like the BGPSEC. >Then after one AS removes it, a subsequent AS cannot add it back.
Jacob, Sorry, but that still doesn't work. The signature validation would break. Say, the update received at AS3 is P [AS2 AS1], where AS1 is the origin. Let us say, AS2 removed the signed attribute (that you proposed), and sent the update to AS3. Then AS3 will not be able to validate AS1's signature, because AS1's sig covered the removed attribute. Sriram >--Jakob _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
