
Re: [lisp] Call for interest in working on security



I really appreciate your thoughtful comments.

I'll admit that I am personally interested in the non-alt parts of
LISP security.  My perhaps naive assumption is that something like
SIDR can be applied and that I'd like to get a better handle on the
surrounding landscape before I think in detail about that.

However, thinking about how the alt differed from traditional
BGP--particularly in terms of the implications of high aggregation on
security--is something I had not done.

One other comment:
>>>>> "Eliot" == Eliot Lear <lear at cisco.com> writes:
    Eliot> I will make the following two general assertions, as relates to your comment
    Eliot> about key management:

    Eliot>   • the problem is operationally difficult when there are large numbers of
    Eliot>     signers and/or long trust chains.
    Eliot>   • a small number of signers requires concentration of trust far beyond the
    Eliot>     point of what exists today (perhaps by 3 orders of magnitude or more),
    Eliot>     leading to potential continuity problems.

    Eliot> These were the trade-offs I explored with NERD.


These are interesting.  However, I don't think I have talked about key
management for anything involving signers at all so far.  I've talked
about key management for map register, but there I explicitly talked
about a solution with no public key ops.
