In message <20161230024719.36002.qmail@xxxxxxx>, "John Levine" writes: > In article <m2poka5e9p.wl-randy@xxxxxxx> you write: > >> We do have the technology to provide a CERT to every customer. See > >> SIDR. > > > >see frequent residential address reassignment > > That's not really a problem, since vanishingly few resi customers are > multihomed. The problem occurs with customers who are big enough to > be multihomed but not so big that they have a staff that knows all > of the magic of BGP and expensive routers. > > R's, > John And it should be possible for a router to request a CERT for the addresses is it allocated by ISP A along with their assignment and provide it to ISP B, ISP C ... It just needs to supply a public key for a private key it knows so the allocation process can fill in the rest of the details and sign it. Whether this ever gets down to residential equipement I don't know but it would theoretically work. There is no reason it couldn't work. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@xxxxxxx