22 Jun
1999
22 Jun
'99
7:03 p.m.
On Tue, 22 Jun 1999, Tim Wolfe wrote:
- Critical Internet control software and systems
I am not a router vendor, but it seems that adding some sort of auth key to BGP (similar to the auth system of OSPF) wouldn't be all that difficult. You could specify a key for each peer.
There is already a option in the BGP OPEN message to add authentication on a BGP session. However, the RFC doesn't specify an authenitcation method to use. Of course securing the level 4 BGP session without securing the underlying TCP session is a weakness, so there is a proposal to implement an MD5 TCP authentication method. Does anyone know the status of this proposal? Andrew --- Andrew Lange UUNET - Ann Arbor alange@ans.net