23 May
2005
23 May
'05
12:54 p.m.
In message <B6DE33ED-0C90-46A1-ACD9-329F10905B0B@muada.com>, Iljitsch van Beijn um writes:
On 23-mei-2005, at 17:39, Randy Bush wrote:
o with sbgp, the assertion of the validity of asn A announcing prefix P to asn B is congruent with the bgp signaling itself, A merely signs the assertion in the bgp announcement.
o with sobgp, the assertion is in an external database with issues such as
This is nonsense. Did you even read the soBGP drafts?
In S-BGP the certificates are carried in path attributes, in soBGP in a new BGP message. Other than that, they do not differ in this regard.
Randy isn't talking about certificates, he's talking about how you tell if a path is legitimate. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb