>>> why the security warning relating to denial of service attacks was >>> removed. >> >> what could possibly go wrong with a well-known transitive attribute >> which causes an un-authenticated prefix's traffic to be dropped on the >> floor? > > Today I have 5 or six of them... and my managment system has a series of > substitutions for the provider-appropriate one. So, what can go wrong > with a poorly understood and loosely coordinated transitive attributes > which cause unauthenticated prefixes traffic to be dropped on the floor? and you are kinda peotected by the community not being well-known, i.e. different for each upstream. the attacker has to know the community for each upstream and be able to not only inject the prefix but also tag it with the correct community for each upstream. it is the combination of well-known and transitive that is deadly. randy