-- "Tomas L. Byrnes" <tomb@byrneit.net> wrote:
It seems to me that a more immediately germane matter regarding BGP route propagation is prevention of hijacking of critical routes.
The best you can _probably_ hope for is a opt-in mechanism in which you are alerted that prefixes you have "registered" with the aforementioned system are being originated by an ASN which is not authorized to originate them. A lot of smart folks have given some thought to this exact issue, and perhaps one of the best examples of this is: "PHAS: A Prefix Hijack Alert System" Mohit Lad, Dan Massey, Dan Pei, Yiguo Wu, Beichuan Zhang, and Lixia Zhang Proceedings of 15th USENIX Security Symposium 2006 http://www.cs.ucla.edu/~mohit/cameraReady/ladSecurity06.pdf - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/