On Feb 24, 2012, at 5:49 PM, Randy Bush wrote: >> Solving for route leaks is /the/ "killer app" for BGPSEC. > > as would be solving world hunger, war, bad cooking, especially bad > cooking. > > route leaks, as much as i understand them > o are indeed bad ops issues > o are not security per se > o are a violation of business relationshiops > o and 20 years of fighting them have not given us any significant > increase in understanding, formal definition, or prevention. > > i would love to see progress on the route leak problem. i do not > confuddle it with security.
So, it is not OK for traffic to be /intentionally/ diverted through a malevolent AS, but it is OK for traffic to be /unintentionally/ diverted through a (possibly) malevolent AS? Who's to judge the security exposure[1] of the latter is not identical (or, worse) than the former? -shane [1] dropped traffic, traffic analysis, etc.
