[j-nsp] About Secure Transport for RPKI on JUNOS
Nitzan Tzelniker
nitzan.tzelniker at gmail.com
Wed Dec 26 14:07:03 EST 2018
If we are talking about SSH in Junos
I am waiting for TrustedUserCAKeys support as describe in
https://code.fb.com/security/scalable-and-secure-access-with-ssh/
Nitzan
On Wed, Dec 26, 2018 at 8:39 PM Bjørn Mork <bjorn at mork.no> wrote:
> Chris Morrow <morrowc at ops-netman.net> writes:
> > On Sun, 23 Dec 2018 16:15:24 -0500,
> > Melchior Aelmans <melchior at aelmans.eu> wrote:
> >>
> >> Hi Pyxis,
> >>
> >> On Sat, Dec 22, 2018 at 8:58 AM Pyxis LX <pyxislx at gmail.com> wrote:
> >>
> >> > Does JUNOS support any secure transports mentioned in RFC6810 for
> rpki-rtr
> >> > protocol? (SSHv2/IPsec or TLS for rpki-rtr-tls?)
> >> >
> >>
> >> We are discussing internally what secure transport method to support.
> I'm
> >> happy to hear your ideas.
> >
> > 'tcp-ao' - yes... srsly.
>
> Huh? Why? No support on any server OS, AFAIK. Yes, there were patches
> for FreeBSD and Linux a few years ago, but I don't think they went
> anywhere? This will severely limit the usability.
>
> Let's have ssh, and optionally tls. We need something we can run on a
> server today. Not 8 year old foilware.
>
>
>
> Bjørn
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list