27 Jan
2012
27 Jan
'12
4:21 p.m.
On Fri, Jan 27, 2012 at 3:52 PM, Patrick W. Gilmore <patrick@ianai.net> wrote:
MD5 on BGP sessions is the canonical example of a cure worse than the disease. There has been /infinitely/ more downtime caused by MD5 than the mythical attack it protects again. (This is true because anything times zero is still zero.)
I don't disagree with patrick here... but 'infinitely more', is hard to measure :) "Most likely there have been far more lengthy outages due to lost/changed/incorrect key material than were caused by the problem this is meant to solve for." -chris
It is