SM wrote: > The most important factor in choosing a security mechanism is the threat > model. Right. > That is, who may be expected to attack what resource, using what > sorts of mechanisms? (RFC 3631). Perhaps, a threat will be by an ISP trying to advertise someone else's address range as its own. However, protections against the threat does not prevent the ISP advertise the range as someone elses'. That is, the ISP can attach its own AS number to a legitimate AS path for the range. Then, the ISP can capture packets destined to addresses within the range, against which, there is no protection. Masataka Ohta _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf