[j-nsp] stealth bgp vulnerability?

[Damon Pegg]

Something sneaky maybe occuring?  Following a couple of prominent UK IX members suddenly demanding the use of MD5 on EBGP sessions Juniper TAC confirmed a related BGP security vulnerability but wouldnt give us any info beyond asking that we comply with any requests from upstreams and/or peers to use MD5.  A little cloak and dagger methinks.  Can anyone shed more light?

Damon.