Re: BGP to doom us all

North American Network Operators Group

Re: BGP to doom us all

From: Vadim Antonov
Date: Sat Mar 01 01:51:17 2003

Thank you very much, but no.

DNS (and DNSSEC) relies on working IP transport for its operation.

Now you effectively propose to make routing (and so operation of IP
transport) dependent on DNS(SEC).

Am I the only one who sees the problem?

--vadim

PS. The only sane method for routing info validation I've seen so far is
    the plain old public-key crypto signatures.

On 1 Mar 2003, Paul Vixie wrote:
> 
> > It wouldn't be too hard for me to trust:
> > 
> > 4969.24.origin.0.254.200.10.in-addr.arpa returning something like "true."
> > to check whether 4969 is allowed to originaate 10.200.254.0/24.  ...
> 
> at last, an application for dnssec!

Follow-Ups:
- Re: BGP to doom us all Christopher L. Morrow

References:
- Re: BGP to doom us all Paul Vixie

Prev by Date: Re: anti-spam vs network abuse
Next by Date: RE: BGP to doom us all
Date Index
Thread Index
Author Index
Historical