Harley H wrote on 10/26/2018 8:52 AM:
Curious to hear others' thoughts on this.
https://scholarcommons.usf.edu/cgi/viewcontent.cgi?article=1050&context=mca
This paper presents the view that several BGP hijacks performed by
China Telecom had malicious intent. The incidents are:
* Canada to Korea - 2016
* US to Italy - Oct 2016
* Scandinavia to Japan - April-May 2017
* Italy to Thailand - April-July 2017
The authors claim this is enabled by China Telecom's presence in North
America.
Not sure I agree with the author's argument of having Access Reciprocity
between nations/governments (both as a technical solution or on
political principle). Moving towards an ecosystem where prefix
advertisements and AS paths are validated to prevent both accidental and
intentional hijacks is probably a better solution to improve
availability, integrity, and confidentiality. Encrypting traffic so
that, even if it does go through a hostile network, it remains
confidential and the integrity is validated is also probably a better
solution than the proposed access reciprocity. With the number of
players involved, neither of these will be short term changes. But, over
time, we seem to be moving in that direction already.
