On Fri, May 6, 2016 at 6:06 PM Randy Bush <ra...@psg.com> wrote: > > Some people do use route servers, and won't do their own validation - > > I'd rather that they have the information available to make a decision > > than not... > > this glibly glosses over that, by outsourcing origin validation, an > attack vector is introduced.
Yup. > i presume i do not need to describe it. > so it needs to be big in the sec cons. > Yup, I fully agree. I had a flag set to mention that, but somehow lost it. It definitely needs to be stressed -- you really really really should do your own validation. If, for some reason you cannot / will not, having someone else doing your validation *might* be better than nothing, but it also might not be... W > > randy >
_______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr