Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Internet failures over the next 3 years - slight tangent

  • From: Andrew Lange
  • Date: Tue Jun 22 19:05:08 1999 


On Tue, 22 Jun 1999, Tim Wolfe wrote:
> >    - Critical Internet control software and systems
> 
> I am not a router vendor, but it seems that adding some sort of auth key to
> BGP (similar to the auth system of OSPF) wouldn't be all that difficult. 
> You could specify a key for each peer.

There is already a option in the BGP OPEN message to add authentication on
a BGP session.  However, the RFC doesn't specify an authenitcation method
to use.  Of course securing the level 4 BGP session without securing the
underlying TCP session is a weakness, so there is a proposal to implement
an MD5 TCP authentication method.  Does anyone know the status of this
proposal?

Andrew
---
Andrew Lange
UUNET - Ann Arbor
alange@ans.net


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.