Speaking as a regular ol’ member On Aug 27, 2015, at 5:02 PM, Randy Bush <ra...@psg.com> wrote:
>>> an intermediate AS, which does not validate but signs, could apply >> I’d say that the intermediate AS who didn’t verify the signatures it >> received could be acting on bad info at any time, without any >> conspiring ASs around. The intermediate AS has no more assurance than >> a non-bgpsec speaker that the route it receives is valid. > > it is not worse than unsecured is a form of reasoning i do not buy. > > <snip> >> But the intermediate AS and any bgp4 (i.e. non-bgpsec speakers?) peers >> have chosen to be insecure - I see no reason to be concerned. > > same fallacious argument. we are supposed to be making things better, > not leaving them the same. Are you saying that any system that does NOT check the protections and does not spot invalid signatures should still be protected? I think that’s a pretty tall order. My concern is with those who do check the signature but who, because conspiring ASs “violate the guarantee”, do not get the bgpsec protection in some way. David’s suggestion that more of the data should be covered by the signature still does not help the hapless intermediate AS who does not check the signature, I would think. That AS could still fooled. So I don’t think that the new signature makes anything better for the non-checkers. —Sandy, speaking as a regular ol’ member
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
