At Fri, 04 May 2012 17:33:43 -1000, Randy Bush wrote:
> > Might it be possible to create the key pair on the router?
> > Then you don't have to move the private key to the router,
> > You move the public key off the router. Much easier.
> draft-ymbk-bgpsec-rtr-rekeying-00.txt, section 3. Router-Generated Keys
Which notes that a (the?) main reason for even considering anything
other than router-generated keys is that router-generated keys are
somewhat problematic in hot swap scenarios. After thinking about this
a bit, I'm not sure I really believe in the hot swap issue as
described. Do we really care which router key is used to sign, so
long as the router key in question is certified properly so that
relying parties can verify the binding between key and signing AS?
So I suspect one could make the router-generated model work well. One
just has to plan for it (certify router keys from both the live and
hot spare routers) or accept that there will be some cut-over time if
one fails to plan (or if one's plans fail...).
sidr mailing list