hi job, > TEXT: > An edge site which does not provide transit and trusts its > upstream(s) SHOULD only originate a signed prefix announcement and > need not validate received announcements. > > COMMENT: > If you are multihomed and receive full (or partial) tables, there is > benefit in validating the received routes, if not: why not? One > upstream might be poisoned while the other isn't? Mabye the text > should be amended to make it clear that this might apply if the stub > ASN only takes default-originates? that is why it is SHOULD. and note it does say "and trusts its upstream(s)." going down the rat-hole of trusting upstreams differently seems an exercise in adding words but not adding value. note that doing path validation would pretty much mean the end site buys new hardware. pointing out that one could avoid that was the purpose of the paragraph. if i made any change, it would be a rant about out-sourcing security. e.g. "Note that this is out-sourcing security, which is generally unwise. But the trade-off is likely out-sourcing security or buying bigger hardware." randy