North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: soBGP deployment

  • From: Iljitsch van Beijnum
  • Date: Mon May 23 12:07:57 2005 
On 23-mei-2005, at 17:39, Randy Bush wrote:


  o with sbgp, the assertion of the validity of asn A announcing
    prefix P to asn B is congruent with the bgp signaling itself,
    A merely signs the assertion in the bgp announcement.



  o with sobgp, the assertion is in an external database with
    issues such as




This is nonsense. Did you even read the soBGP drafts?



In S-BGP the certificates are carried in path attributes, in soBGP in
a new BGP message. Other than that, they do not differ in this regard.



And unless the implementations are stupid, it should be simple enough
to use a web of trust rather than a fixed trust hierarchy, so the RRs
don't (necessarily) come into play.




its the old simplicity vs complexity game yet again



Do I hear you say that S-BGP is less complex than soBGP??