There have been suggestions that a key-per-AS is easier to manage than a key-per-router, like in provisioning.
Two points -- First, if a single person with console access leaves the company, I must roll the key for all my BGP routes, with the attendant churn, etc. I can't imagine anyone deploying such a thing. Second, a secret only remains secret if two people know it, and one of them is dead -- a basic rule of security is prevent the spread of knowledge. If every person in the organization with console access knows the private key for every router in the network, it's no longer secret. So you can have one key pair per AS, and risk your security. Or you can add more key pairs, either per router, per POP, per region, or at some other level of granularity, and advertise more information about your network as well as make the key pair database larger. Either you weaken your security in one way, or you weaken your security in another. Doesn't sound like much of a "tradeoff" to me. What astounds me is the quietness on this list about this stuff... :-) Russ