North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: AS8584 taking over the internet

  • From: Scott Huddle
  • Date: Thu Apr 09 19:40:15 1998

I have and remain unconvinced and or confused ;)  The proposal allows
an operator to verify a valid origin AS for a given prefix (i.e. "config"
sorry if I'm being loose with the word) by using the DNS system with
"bgp.in-addr" extensions.  I'm not sure which part of the random 
route announcement problem that dnssec solves in this case?  It can
help with the "are they indeed are who they say they are", but it 
doesn't solve the "are they supposed to be doing what they said that 
they're doing" case.

And you didn't address my paranoia about not trusting the DNS ;)

-scott

> you may wish to read the draft.  it did not suggest using the dns to
> configure.  and you may also want to look into dnssec.
> 
> randy
>