North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Internet failures over the next 3 years - slight tangent
On Tue, 22 Jun 1999, Tim Wolfe wrote: > > - Critical Internet control software and systems > > I am not a router vendor, but it seems that adding some sort of auth key to > BGP (similar to the auth system of OSPF) wouldn't be all that difficult. > You could specify a key for each peer. There is already a option in the BGP OPEN message to add authentication on a BGP session. However, the RFC doesn't specify an authenitcation method to use. Of course securing the level 4 BGP session without securing the underlying TCP session is a weakness, so there is a proposal to implement an MD5 TCP authentication method. Does anyone know the status of this proposal? Andrew --- Andrew Lange UUNET - Ann Arbor [email protected]
|