Paul Wouters has entered the following ballot position for draft-ietf-bess-bgp-sdwan-usage-20: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-bess-bgp-sdwan-usage/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I support John's and Roman's DISCUSSes. I am also a bit confused about using BGP as a authorization protocol (as per 3.1.5). A compromised node an always make up its routes to try and break out. BGP doesn't stop that if one is willing to violate the BGP protocol. I would not call BGP "well suited" for this. I also do not understand the argument that BGP can be used to simplify IPsec configuration ? The Security Considerations then seem to flip this around, saying IPsec can be used to secure this solution of using BGP ? _______________________________________________ BESS mailing list BESS@ietf.org https://www.ietf.org/mailman/listinfo/bess
