[28932] in North American Network Operators' Group
Re: That pesky AS path corruption bug...
daemon@ATHENA.MIT.EDU (Adrian Chadd)
Thu May 25 02:12:46 2000
Date: Thu, 25 May 2000 14:10:35 +0800
From: Adrian Chadd <adrian@creative.net.au>
To: Michael Shields <shields@msrl.com>
Cc: nanog@merit.edu
Message-ID: <20000525141035.F10623@ewok.creative.net.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <87puqbgoul.fsf@challah.msrl.com>; from Michael Shields on Thu, May 25, 2000 at 05:50:42AM +0000
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, May 25, 2000, Michael Shields wrote:
>
> In article <20000524163200.D367@ewok.creative.net.au>,
> Adrian Chadd <adrian@creative.net.au> wrote:
> > Cryptographically signing here ensures someone isn't going to tamper
> > with your route announcements in transit. When script kiddies have the
> > technology to splice fibre cabes in their backyard and sniff/replace
> > data at line speed, I'm sure they will have more fun things to do than
> > mess with your BGP session.
>
> Are you as confident about the security of exchange point fabrics?
No, but I can think of better things to be doing than fucking with
route announcements. ;-)
Although I do concede here, signing can also provide a level
of route filtering as was mentioned in the last email back at me.
Has anyone got any working code for that?
Adrian
--
Adrian Chadd Build a man a fire, and he's warm for the
<adrian@creative.net.au> rest of the evening. Set a man on fire and
he's warm for the rest of his life.
