On Wed, 18 Sep 2002, Steven M. Bellovin wrote:
Wow, we should all start using out of band management. Anyone think it is feasible to do management of an IP network exclusively out of band? And BGP should be more secure. What is the problem we should be trying to fix here? There is a "Secure BGP" draft: http://www.ir.bbn.com/projects/sbgp/draft-clynn-s-bgp-protocol-00a.txt Implementing this may make BGP very secure, but it will make the internet as a whole much less reliable because routing will no longer be a function that can be performed autonomously by routers, but something that's tied into a global (public key) infrastructure. An infrastructure that depends on routing to work... Hello circularity. I read solutions (well, avenues for possible solutions) without a good indication of what the problem is. (That goes for both the Secure Cyberspace and S-BGP drafts.)