[j-nsp] About Secure Transport for RPKI on JUNOS

sthaug at nethelp.no sthaug at nethelp.no
Wed Dec 26 14:11:19 EST 2018


>>> We are discussing internally what secure transport method to support. I'm
>>> happy to hear your ideas.
>>
>> 'tcp-ao' - yes... srsly.
> 
> Huh? Why? No support on any server OS, AFAIK.  Yes, there were patches
> for FreeBSD and Linux a few years ago, but I don't think they went
> anywhere? This will severely limit the usability.
> 
> Let's have ssh, and optionally tls. We need something we can run on a
> server today.  Not 8 year old foilware.

Now if Juniper could implement TCP-AO and then donate the implementation
to FreeBSD? :-)

Steinar Haug, Nethelp consulting, sthaug at nethelp.no


More information about the juniper-nsp mailing list