25 Sep
2006
25 Sep
'06
6:57 p.m.
I just think (if I correct understood that, sorry but this RFC is not easy reading) small enhancement of this will give us the large improvement: we can do filtering of unauthorized announcements (announcements of right prefix originated with right AS but from wrong place)!
will need one more thing to verify origin, what is called a Routing Origination Authority, which looks a lot like a cert and is stored in the infrastructure, but which binds a cert of address ownership to the as number which is authorized to announce it. this would be verifiably signed by the formal owner of the address space. randy