RE: New Draft Document: De-boganising New Address Blocks
Timothy Brown wrote: I disagree with the view that it is a hack. It's no more a hack than using a DNS feed;
I concur with this. Besides, from the pragmatic side of the "consumer", if it does solve a problem (albeit short or medium term) I don't care much if it's a "hack". Hint: all this bogon or related filtering is not a long-term solution. We need it now, but the long term solution is some kind of authentication that will allow only the rightful owner of a block to announce it. Michel.
On Tue, 24 Feb 2004, Michel Py wrote:
Hint: all this bogon or related filtering is not a long-term solution. We need it now, but the long term solution is some kind of authentication that will allow only the rightful owner of a block to announce it.
This I completely agree with. The correct future solution is authentication of network ownership of ip block with proper digital signatures (in fact I think I put on completewhois website). Its too bad S-BGP does not seem to be have futher development and more support. And I reject the idea that not enough memory is a big problem for deployment - the memory on PCs is really cheap now and the router vendors can easily develop routers with 1GB or RAM or more when needed and protocol can be done in a way that signatures are complimentary/optional and not required so as to support slow deployment. PS. I have lots of ideas in this area, I'd love to know where to send them all, I don't see any discussion on any public mailing list about S-BGP. -- William Leibzon Elan Networks william@elan.net
participants (2)
-
Michel Py -
william(at)elan.net