[24376] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Internet failures over the next 3 years - slight tangent

daemon@ATHENA.MIT.EDU (Tony Li)
Wed Jun 23 02:24:51 1999

Date: Tue, 22 Jun 1999 23:23:14 -0700
From: Tony Li <tony1@home.net>
To: Andrew Lange <alange@ans.net>
Cc: Tim Wolfe <tim@clipper.net>, Sean Donelan <SEAN@SDG.DRA.COM>,
	nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu


> There is already a option in the BGP OPEN message to add authentication on
> a BGP session.  However, the RFC doesn't specify an authenitcation method
> to use.  Of course securing the level 4 BGP session without securing the
> underlying TCP session is a weakness, so there is a proposal to implement
> an MD5 TCP authentication method.  Does anyone know the status of this
> proposal?

Please see RFC 2385.  There are multiple (interoperable) implementations.  All
you have to do is turn it on....

Tony


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[24376] in North American Network Operators' Group

Re: Internet failures over the next 3 years - slight tangent

daemon@ATHENA.MIT.EDU (Tony Li)Wed Jun 23 02:24:51 1999

daemon@ATHENA.MIT.EDU (Tony Li)
Wed Jun 23 02:24:51 1999