North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: soBGP deployment
At 10:37 -0700 5/23/05, william(at)elan.net wrote:
Don't confuse cryptography with security.You do need "trusted third party" to act as PKI root signer. We're lucky because unlike other places, we do have hierarchy with ip addresses and ASNs and NIR is the "root" organization.
You need one trusted third party to arrange for the cryptography to scale (work). You need a different third party to help authenticate (secure) the routing data.
IMHO, you don't necessarily want these two third parties to be the same.
Edward Lewis +1-571-434-5468
If you knew what I was thinking, you'd understand what I was saying.