On Nov 23, 2005, at 11:09 AM, Randy Bush wrote:
not exactly. there are two trusts here. i have to accept that asns as incompetent at configuration as i are attesting to prefixes and paths or i won't be able to get to a large part of the net.
but this is orthogonal to my trust in their competence to attest to the identity of other asns by cross-signing others' certs. i could have a business relationship with an asn whose routing competence i question.
What happened to responsibility? Where does it fit in to the issue?
responsibility for what?
sorry to be slow/cryptic. My issue is that if ISPs a) only announce networks that they know (for different values of know - but hopefully based on some kind of trust in the RIR's data) they are authorized to announce, and b) took responsibility for the behavior of the paths or prefixes they announce, and the bits that are originated in those paths or prefixes, and took action to stop the bad behavior, the issue of trust paths might not be so critical. I am not arguing in any way with your views or thoughts related to trust models. I was merely drifting back to the original issue of rogue players in the path, and suggesting that there is an alternative method of mitigating the problems caused by those players that doesn't require protocol work. Ignore the deviation in the thread. /rlj