----- Alain Hebert ahebert@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
Sent: Tuesday, October 22, 2019 8:26 PM To: Keith Medcalf <kmedcalf@dessus.com> No,On Oct 22, 2019, at 2:08 PM, Keith Medcalf <kmedcalf@dessus.com>wrote:At this point further communications are encrypted and secure againsteavesdropping. The problem isn't the protocol being eavesdropped on. The data is already published publicly by many people. The problem is one of mutual authentication and authorization of the transport.Yes the information is public but if the routing information exchanged over a given peering session is tempered with that could potentially cause some problems right? But then again, as Jeff mentioned, with GTSM this vector is limited to a local link between two eBGP speakers (or whole IGP domain for iBGP sessions but let's leave that one out for now). So move from bilateral peering over common IX-LAN to direct peering Or if a direct link is still not to be trusted do MACSEC. Then it's all about you and the peer -if he/she screws you over de-peer. adam