Job Snijders wrote:
> I believe this update addresses the concerns raised in this phase of the
> document.

Yes, thanks, it addresses these concerns, and the document is a lot better as a result.

The second major area of concern I have about this proposal is the transitive nature of the BGP community.

The issue is that the draft specifies a mechanism to cause traffic to be dropped on the floor, that the signaling mechanism is globally transitive in scope, and the specific intent is that prefixes tagged in this way are exported to other ASNs. In other words, the draft specifies behaviour that is risky by default. Prefix hijacking rates suggest that adding a new compromise vector is something that should be considered carefully in the context of standardisation.

The obvious way to work around this would be to specify a non-transitive community, but that would defeat the purpose of the draft. Other options might include a requirement that BLACKHOLE should automatically be marked as NO-EXPORT when received by a third party ASN. This doesn't deal with backwards compatibility, though, and given the lifetime of BGP implementations, there would be a large time window opened where this may be a problem.

Nick
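
Added example (not part of the message above or of the draft): a small Python model of the backwards-compatibility concern, in which ASes that add NO_EXPORT to a BLACKHOLE-tagged route on receipt sit beside legacy ASes that pass the transitive community on unchanged. The topology, the documentation-range AS numbers and the names propagate, PEERS and ORIGIN are constructed for illustration, and the rule is assumed to apply at every receiving AS.

```python
from collections import deque

# Symbolic community names only; no wire values are modelled.
BLACKHOLE, NO_EXPORT = "BLACKHOLE", "NO_EXPORT"

# Constructed eBGP topology (documentation ASNs): 64496 originates the
# tagged prefix, 64497 is its provider, 64498/64499 are further upstreams.
PEERS = {
    64496: [64497],
    64497: [64496, 64498, 64499],
    64498: [64497, 64500],
    64499: [64497, 64500],
    64500: [64498, 64499],
}
ORIGIN = 64496

def propagate(peers, updated, origin):
    """Return {asn: communities} for every AS that ends up holding the route.

    updated -- ASNs assumed to implement the suggested rule (add NO_EXPORT
               when a BLACKHOLE-tagged route is received). Every other ASN is
               legacy: it keeps the community as-is and re-exports the route.
    """
    held = {origin: frozenset({BLACKHOLE})}
    queue = deque([origin])
    while queue:
        asn = queue.popleft()
        comms = held[asn]
        if NO_EXPORT in comms:
            continue  # NO_EXPORT routes are not advertised to eBGP peers
        for nbr in peers.get(asn, []):
            if nbr in held:
                continue  # simplification: the first copy received wins
            received = set(comms)
            if nbr in updated and BLACKHOLE in received:
                received.add(NO_EXPORT)
            held[nbr] = frozenset(received)
            queue.append(nbr)
    return held

if __name__ == "__main__":
    scenarios = {
        "all legacy": set(),
        "all updated": set(PEERS) - {ORIGIN},
        "mixed (64497 and 64499 legacy)": {64498, 64500},
    }
    for name, updated in scenarios.items():
        reach = propagate(PEERS, updated, ORIGIN)
        print(f"{name}: tagged route held by {sorted(reach)}")
```

In the mixed case a single legacy path (64497 to 64499) is enough to carry the tagged route to 64500, even though 64498 stops re-exporting it.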