[j-nsp] stealth bgp vulnerability?

[Paul Goyette]

> Your comment below indicates that you will be fixing this problem. Are you
> planning on implementing RFC 3682 The Generalized TTL Security Mechanism
> (GTSM).

GTSM is in our plans, but I cannot give any hint as to when it will
show up.

> My concern is that you will not be able to implement this in your current
> hardware i.e. IP II due to its lack of programability :(

Speaking for myself only, and NOT for the company, the IP-II ASIC is
not the only place where filtering can be done.  It would obviously
be the _best_ place, but...

> Will you be provideing free upgrades to IP III;)

I'm just a support guy - that's a Sales/Marketing question!

> My understading is that Procket claim to have a fully programable ASIC
> architecture? Does anyone know if they can implement the GTSM RFC?

Hmmm.  A fully programmable ASIC?  Sounds kind of oxymoronic!   :)
Don't we call those "general purpose CPUs"?