Re: Autonomous System Sanity Protocol

"Donald E. Eastlake 3rd" <> Mon, 28 April 1997 06:14 UTC

Received: from by id aa11869; 28 Apr 97 2:14 EDT
Received: from cnri by id aa11538; 28 Apr 97 2:04 EDT
Received: from by CNRI.Reston.VA.US id aa02844; 28 Apr 97 2:04 EDT
Received: by; id BAA25318; Mon, 28 Apr 1997 01:50:17 -0400
Received: from by via smap (3.2) id xma025312; Mon, 28 Apr 97 01:49:46 -0400
Received: by (4.1/SMI-4.1) id AA24447; Mon, 28 Apr 97 01:54:56 EDT
Date: Mon, 28 Apr 1997 01:54:55 -0400 (EDT)
From: "Donald E. Eastlake 3rd" <>
To: Jeff Young <>
Cc:,, ietf@CNRI.Reston.VA.US
Subject: Re: Autonomous System Sanity Protocol
In-Reply-To: <>
Message-Id: <>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Source-Info: From (or Sender) name not authenticated.

See RFC 2065.  DNSSEC provides a way to securely distribute keys 
associated with domain names.  By populating the tree with 
keys and securing the DNS tree above that point, you could provide for 
authoritative messages signed by an IP address as to what local 
connectivity it sees.


(Alternatively you could distribute the key and server list for the (and or whatever it is) nodes and not have to secure 
the tree above that point.  And I'm sure there are complication 
associated with classless in-addr delegation...but these are probably 

 On Sun, 27 Apr 1997, Jeff Young wrote:

> Date: Sun, 27 Apr 1997 10:00:02 -0400
> From: Jeff Young <>
> To: Noel Chiappa <>
> Cc:,, ietf@CNRI.Reston.VA.US
> Subject: Re: Autonomous System Sanity Protocol 
> so in addition to the registries that hold the routing information
> we need some kind of key repository for the exchange of information.
> then there's the new or improved protocol to handle passing and 
> authenticating the information.  
> that'd protect us from a lot (an even bigger previous - 192/8 - fiasco
> comes to mind).  sounds like the use of registries is still a good start.
> Jeff Young

Donald E. Eastlake 3rd     +1 508-287-4877(tel)
   318 Acton Street        +1 508-371-7148(fax)
Carlisle, MA 01741 USA     +1 703-620-4200(main office, Reston, VA)