[144198] in North American Network Operators' Group
Re: Do Not Complicate Routing Security with Voodoo Economics
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Mon Sep 5 01:06:46 2011
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: North American Network Operators' Group <nanog@nanog.org>
Date: Mon, 5 Sep 2011 05:06:13 +0000
In-Reply-To: <830078CE-831C-4C61-9845-E8B5ABE5C1E5@arbor.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sep 5, 2011, at 11:55 AM, Dobbins, Roland wrote:
> Origin validation <> path validation.
Rather, that should read, 'Origin/path validation <> origin/path enforcemen=
t'.
The idea of origin validation is a simple one. The idea of path validation=
isn't to determine the 'correctness' or 'desirability' of a particular AS-=
path, but rather to determine the *validity* (or at least the *feasability*=
) of a given AS-path. =20
Origin validation is relatively easy compared to AS-path validation, and or=
igin validation is the most important function of S*BGP. And in a world wi=
th universal origin and AS-path validation, how is there some economic adva=
ntage to be had by deploying S*BGP? =20
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
The basis of optimism is sheer terror.
-- Oscar Wilde
