On 6 Jan 1998, Sean M. Doran wrote:
This would be much easier if we had a bottom-up hierarchical addressing structure rather than the current top-down one.
Consider the distribution of cryptographically authenticated connectivity maps a la NIMROD or a multi-level LS protocol, for example, for path authentication vs. how one would distribute and authenticate reachability information with the current addressing structure.
I don't understand how the current top-down allocation affects how that would be done. As I see it (and I haven't spent any significant time working on it, but it seems straightforward):

1) ARIN/whoever signs an address allocation to an entity
2) that entity signs route announcements to peers/upstreams, including who they are announced to
3) readvertisements are signed by the advertiser

Any recipient of a route can verify that the address space was properly allocated by inspecting the address allocation certificate and verifying the signature of the registry, and they can verify the path that advertisement has taken to get to where it is. Thus no one can interject a route to a network prefix that is not properly allocated, and someone cannot steal a route advertisement for someone else's prefix.

The biggest problem with something like this is the size of the routing table in memory (since you have to keep certificates around for readvertisements) and in the bandwidth required for the updates.

I am not familiar with NIMROD, do you have a pointer to it?

John Tamplin                    Traveller Information Services
jat@Traveller.COM               2104 West Ferry Way
205/883-4233x7007               Huntsville, AL 35801
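
The three-step scheme in the reply above, sketched as an added example that is not part of the original message: a recipient checks the registry's allocation signature, then each hop's signature over the prefix, the previous signature and the named recipient. Assumptions: HMAC with constructed per-party keys stands in for public-key signatures so the code runs on the standard library alone, and the AS numbers, prefix and function names are illustrative.

```python
import hashlib
import hmac

# Constructed keys. HMAC is a stand-in for public-key signatures: in a real
# deployment verifiers would hold only public keys and could not sign.
KEYS = {"registry": b"k-reg", "AS64500": b"k-a", "AS64501": b"k-b", "AS64502": b"k-c"}

def sign(signer, *fields):
    return hmac.new(KEYS[signer], "|".join(fields).encode(), hashlib.sha256).hexdigest()

def ok(signer, sig, *fields):
    return signer in KEYS and hmac.compare_digest(sig, sign(signer, *fields))

def allocate(prefix, holder):
    # Step 1: the registry signs the allocation of a prefix to an entity.
    return {"prefix": prefix, "holder": holder, "sig": sign("registry", prefix, holder)}

def advertise(route, sender, to):
    # Steps 2 and 3: the sender signs the prefix, the previous signature and
    # the recipient, so each (re)advertisement is bound to one neighbour.
    prev = route["hops"][-1]["sig"] if route["hops"] else route["cert"]["sig"]
    hop = {"from": sender, "to": to, "sig": sign(sender, route["cert"]["prefix"], prev, to)}
    return {"cert": route["cert"], "hops": route["hops"] + [hop]}

def verify(route, me):
    cert, hops = route["cert"], route["hops"]
    if not ok("registry", cert["sig"], cert["prefix"], cert["holder"]):
        return "bad allocation"
    if not hops or hops[0]["from"] != cert["holder"]:
        return "origin is not the holder"
    prev, expected = cert["sig"], cert["holder"]
    for hop in hops:
        if hop["from"] != expected:
            return "broken path"
        if not ok(hop["from"], hop["sig"], cert["prefix"], prev, hop["to"]):
            return "bad signature"
        prev, expected = hop["sig"], hop["to"]
    # The last hop must name the party doing the verification.
    return "valid" if expected == me else "not announced to me"
```

Every hop carried in `route["hops"]` has to be stored and forwarded with the route, which is the memory and update-bandwidth cost the message points out.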