Randy:
as i agree that there is a problem, i *very* eagerly await your proposal
Reality: A few years back there were a half a dozen options proposed. soBGP, pgBGP, IRR based solutions, etc. Just recently PSVs were discussed and dismissed as a live option. Why? 1. Only S-BGP/BGP-SEC will solve the "man in the middle attack," within the parameter of "I won't ever tell anyone what any of my policies are!" This single requirement --solving one specific policy issue without advertising policy-- has been the center pin of the entire discussion for a number of years. 2. Any time someone proposed something different, long threads ensue with lots of talk about how these folks don't know what they're talking about, etc., but which contain very little technical discussion, or thoughts on tradeoffs, etc. Any technical discussion is limited to taking out the "man in the middle attack," and beating it over the heads of those making the proposal --repeatedly. So the bottom line is this: The current requirements were written around the ability of one particular solution to solve one particular policy issue in a way that's acceptable to a very small set of operators. A single root has been a requirement for a long time, as well --we had this discussion a very long time ago. No other solution proposed had a single root, and S-BGP/BGP-SEC didn't have to use a single root. But a single root somehow made it into the requirements, and it's stayed there ever since. If you want honestly more options, go back and rethink your requirements. Russ