>> you're supposed to guess >> >> the normal hack here is >> >> this document introduces no new security issues beyond those discussed >> in 1997 > > Guessing is horrible, but if that is what you do, that is what you do, > and if the risks are the accepted norm in the BGP community I am fine. i meant that, instead of being specific, you left it to the authors to guess what you wanted. > Is corruption (deliberate or otherwise) of the community strings > something that BGPsec will address? no. bgpsec does not sign over communities. this is because hops may validly remove them, thus invalidating signatures. randy