[28911] in North American Network Operators' Group
Re: That pesky AS path corruption bug...
daemon@ATHENA.MIT.EDU (Sean Donelan)
Tue May 23 16:50:34 2000
Date: 23 May 2000 13:47:59 -0700
Message-ID: <20000523204759.25252.cpmta@c004.sfo.cp.net>
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: nanog@merit.edu
From: Sean Donelan <sean@donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 23 May 2000, Jeff Haas wrote:
> The only valid defense against such mucking that I can think of
> is verifying AS adjacencies against some registry and flagging
> unknown paths. This is not a cheap thing to do. This, however,
> is far saner than cryptographically signing all routing updates
> which is one solution I've heard proposed. :-P
You can cryptographically sign bad information as well as good
information. Cryptography is good for detecting alterations, not
if the information was correct in the first place.
