[175828] in North American Network Operators' Group
Re: BGP Security Research Question
daemon@ATHENA.MIT.EDU (Nick Hilliard)
Tue Nov 4 08:01:23 2014
X-Original-To: nanog@nanog.org
X-Envelope-To: nanog@nanog.org
Date: Tue, 04 Nov 2014 13:00:45 +0000
From: Nick Hilliard <nick@foobar.org>
To: sthaug@nethelp.no
In-Reply-To: <20141104.133814.74685217.sthaug@nethelp.no>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On 04/11/2014 12:38, sthaug@nethelp.no wrote:
> These mechanisms do little or nothing to protect against unauthorized
> origination of routing information. There are plenty of examples which
> say it has *not* been enough, see for instance the Pakistan Telecom -
> Youtube incident in 2008.
mis-origination and related problems are all policy problems rather than
technical transport issues. Policy implies human input at some stage along
the chain, so probably the only way we'll ever see the end of unintended
prefix leaks is to completely eliminate human input in all aspects of
routing policy management.
Nick
