[j-nsp] About Secure Transport for RPKI on JUNOS
Bjørn Mork
bjorn at mork.no
Wed Dec 26 13:36:49 EST 2018
Chris Morrow <morrowc at ops-netman.net> writes:
> On Sun, 23 Dec 2018 16:15:24 -0500,
> Melchior Aelmans <melchior at aelmans.eu> wrote:
>>
>> Hi Pyxis,
>>
>> On Sat, Dec 22, 2018 at 8:58 AM Pyxis LX <pyxislx at gmail.com> wrote:
>>
>> > Does JUNOS support any secure transports mentioned in RFC6810 for rpki-rtr
>> > protocol? (SSHv2/IPsec or TLS for rpki-rtr-tls?)
>> >
>>
>> We are discussing internally what secure transport method to support. I'm
>> happy to hear your ideas.
>
> 'tcp-ao' - yes... srsly.
Huh? Why? No support on any server OS, AFAIK. Yes, there were patches
for FreeBSD and Linux a few years ago, but I don't think they went
anywhere? This will severely limit the usability.
Let's have ssh, and optionally tls. We need something we can run on a
server today. Not 8 year old foilware.
Bjørn
More information about the juniper-nsp
mailing list