On Mon, 9 Mar 2015, Henrik Thostrup Jensen wrote:
I am aware of the possibility of including source/destination STPs as proposed elsewhere, but that is flawed too (but I will answer that in another email replying to that slideset, as there are multiple issue with that).
I cannot find the suggestion for this, so I'll just add it here. Adding source/destination STPs to the request was suggested (I think) as a way for UPAs to check if transit policy was kept. However: 1. I cannot actually convince my self it is enough. While it will certainly catch some cases that cannot be cought from looking at the cross-connect there might be some situations where it is not enough. I don't have a counter-example, but I haven't seen an argument for why it should be correct. 2. The data is informational only. I.e., all one have to abuse the system, is to craft a request with some other source/destination than what is planned. That is, the mechanism is practially trivial to bypass. It should be difficult - not easy - to abuse the system. Best regards, Henrik Henrik Thostrup Jensen <htj at nordu.net> Software Developer, NORDUnet