[86960] in North American Network Operators' Group
Re: BGP Security and PKI Hierarchies
daemon@ATHENA.MIT.EDU (Florian Weimer)
Thu Nov 24 14:27:28 2005
From: Florian Weimer <fw@deneb.enyo.de>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: Randy Bush <randy@psg.com>, nanog@nanog.org
Date: Thu, 24 Nov 2005 20:26:56 +0100
In-Reply-To: <20051122205420.59B773BFE8C@berkshire.machshav.com> (Steven
M. Bellovin's message of "Tue, 22 Nov 2005 15:54:20 -0500")
Errors-To: owner-nanog@merit.edu
* Steven M. Bellovin:
> Furthermore, given that a trust algebra may yield a trust value, rather
> than a simple 0/1, is it reasonable to use that assessment as a BGP
> preference selector? That would tie the security very deeply -- too
> deeply? -- into BGP's guts.
Wouldn't this provide significant economic incentive towards gaining a
high value on this metric? I'm not sure if this a good idea because
even if you call it a "trust metric", it does not have to correspond
to ethical behavior.
