As far as answering the "First Goal" of the article, I really don't see much here that isn't handled today by route registries, except for the TLS certificate stuff. Not sure how much security that adds, practically; how often do people see their route objects jacked by hax0rs? For the "Second Goal" part, this is somewhat intriguing, although I would like to know how often "fake" as-paths get leaked and if it really happens often enough to justify a new BGP infrastructure in order to prevent it. Maybe as part of BGPv5, where there are other benefits to migrating to the new protocol (32-bit ASNs, anyone?) In short, the goals seem laudable, but it seems that this solution seems a bit, well, extreme, and I'm not sure if the disease if worse than the cure. That said, I'm curious how much of this can be implemented realistically at the single-peer level the paper mentions. Just don't ask me to run it on a GRP-B. -C On May 19, 2005, at 7:51 PM, vijay gill wrote:
If you are an operator, would you deploy soBGP or something like it? If not, why not.
http://www.cisco.com/en/US/about/ac123/ac147/ac174/ac236/ about_cisco_ipj_archive_article09186a00801c5a9b.html
/vijay