21 May
2005
21 May
'05
2:25 p.m.
If you are an operator, would you deploy soBGP or something like it? If not, why not.
as smb has said for years, routing and dns are the two largest vulnerabilities. something like it, for sure. but i vastly prefer the s-bgp approach as it maps closely to bgp operational reality, and does not rely on a published policy database, which we have seen fail for over a decade, etc. we should learn from the decade-long problems with the deployment issues in dnssec, and map routing security as closely as possible to operational protocol and reality. randy