[81047] in North American Network Operators' Group
Re: soBGP deployment
daemon@ATHENA.MIT.EDU (Florian Weimer)
Tue May 24 04:47:23 2005
From: Florian Weimer <fw@deneb.enyo.de>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: Pekka Savola <pekkas@netcore.fi>, Randy Bush <randy@psg.com>,
vijay gill <vijay@umbc.edu>, nanog@merit.edu
Date: Tue, 24 May 2005 10:44:58 +0200
In-Reply-To: <20050521200350.843463BFFF5@berkshire.machshav.com> (Steven
M. Bellovin's message of "Sat, 21 May 2005 16:03:50 -0400")
Errors-To: owner-nanog@merit.edu
* Steven M. Bellovin:
> Fundamentally, the answer to this question is this: how accurate do you
> think the routing registries are?
I don't think it's important how accurate they are *now*, but how
accurate they will be when some "secure" BGP version makes them (or,
more precisely, the route registration process) the weakest link in
the chain. The fact that careful checking on the ISP side protects
other ISPs only (and your own business interests just in a very
indirect fashion) makes me believe that securing BGP will be *very*
hard.
