On Thu, 5 Oct 2006 13:34:52 +0200, Iljitsch van Beijnum <iljitsch@xxxxxxxxx> wrote:

> On 4-okt-2006, at 16:30, Steven M. Bellovin wrote:
>
> >> Having read the draft, I do have similar concerns with "double-ended"
> >> operations. The draft mentions that the new key should only be used
> >> when it's "at a point where it is reasonably certain that the other
> >> side would have it installed, too". This is not very exact language,
> >> and I wonder how implementations would handle this.
>
> > My intention, actually, was that operators would do that. "Attention
> > customers: we will be installing the 2007 BGP key on January 15. Please
> > install the new key on your end before then." -- and then you actually do
> > your end on Jan 20 or thereabouts.
>
> My perspective:
> ...

I don't know that I agree with the details of your scenario, but that's irrelevant to my larger point: it isn't the implementation that decides, it's people.

I also agree that it's better that everything be completely automated. As the I-D says, this is advice on an interim solution until we can engineer and deploy something better.

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf