Re: BGP-4+

"John W. Stewart III" <jstewart@metro.isi.edu> Thu, 19 December 1996 00:07 UTC

Message-Id: <199612182348.AA20876@metro.isi.edu>
To: Yakov Rekhter <yakov@cisco.com>
Cc: Susan Hares <skh@merit.edu>, dkatz@cisco.com, bgp@ans.net
Subject: Re: BGP-4+
In-Reply-To: Your message of "Wed, 18 Dec 1996 14:59:12 PST." <199612182259.OAA20995@puli.cisco.com>
X-Phone: +1 703 812 3704
Date: Wed, 18 Dec 1996 18:48:33 EST
From: "John W. Stewart III" <jstewart@metro.isi.edu>
Sender: owner-idr@merit.edu
Precedence: bulk

 > > 2) Security Considerations
 > > 
 > > BGP-4++ is just as secure or un-secure as BGP-4.  
 > 
 > To be more precise the two new attributes do not alter
 > BGP-4 security properties.
 > 
 > > Is it your understanding that users need this security or is
 > > TCP good enough?
 > 
 > I would like to get feedback from the WG on this question.

at least one Popular Router Vendor has a feature for
enabling security for bgp.  my understanding (correct
me if i'm wrong) is that this is done via crypto-
checksum of the underlying tcp connection .. which has
the nice result of protecting the bgp process as well
as the underlying tcp connection from SYN and RST
attacks (bgp-only security wouldn't protect the latter)

if i were a provider, then i think this would be enough
for me right now

idrp provides for its own transport, right? does that
include anything in the way of security?  i ask to know
if any already-existing specs with alternatives exist

/jws
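
Added example, not part of the original message or of any vendor's code: a sketch of the point made above, that a keyed checksum at the TCP layer rejects spoofed RST segments while authentication applied only to BGP messages never sees them. It assumes a keyed MD5 over pseudo-header, TCP header, data and key (the construction later documented as the TCP MD5 Signature Option, RFC 2385); the key, addresses, ports and the accept_bgp_only model are constructed for illustration.

```python
import hashlib, hmac, socket, struct

KEY = b"constructed-shared-secret"           # constructed sample key
A, B = socket.inet_aton("192.0.2.1"), socket.inet_aton("192.0.2.2")  # doc addresses
RST, PSH_ACK = 0x04, 0x18

def tcp_header(sport, dport, seq, ack, flags):
    """20-byte TCP header without options, checksum field zeroed."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 16384, 0, 0)

def segment_digest(key, src, dst, header, payload):
    """Keyed MD5 over pseudo-header, TCP header, data, then the key.
    Simplification: the length field ignores the option carrying the digest."""
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(header) + len(payload))
    return hashlib.md5(pseudo + header + payload + key).digest()

def accept_transport(key, src, dst, header, payload, digest):
    """Transport-level check: every segment, RST and SYN included, needs a valid digest."""
    return hmac.compare_digest(segment_digest(key, src, dst, header, payload), digest or b"")

def accept_bgp_only(key, payload, mac):
    """Hypothetical BGP-message-only check: segments with no BGP data never
    reach it, so TCP acts on them unauthenticated."""
    if not payload:
        return True
    return hmac.compare_digest(hashlib.md5(payload + key).digest(), mac or b"")

def demo():
    keepalive = b"\xff" * 16 + struct.pack("!HB", 19, 4)   # BGP KEEPALIVE message
    good_hdr = tcp_header(40000, 179, 1000, 2000, PSH_ACK)
    good = segment_digest(KEY, A, B, good_hdr, keepalive)
    # Constructed off-path RST: right addresses/ports, but sender lacks KEY.
    rst_hdr = tcp_header(40000, 179, 1019, 0, RST)
    forged = segment_digest(b"guess", A, B, rst_hdr, b"")
    return {
        "transport_keepalive": accept_transport(KEY, A, B, good_hdr, keepalive, good),
        "transport_forged_rst": accept_transport(KEY, A, B, rst_hdr, b"", forged),
        "transport_unsigned_rst": accept_transport(KEY, A, B, rst_hdr, b"", None),
        "bgp_only_keepalive": accept_bgp_only(KEY, keepalive, hashlib.md5(keepalive + KEY).digest()),
        "bgp_only_forged_rst": accept_bgp_only(KEY, b"", None),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'dropped'}")
```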