Trust is in the eye of the beholder, but it has to be based on something. In different contexts, crypto may be more relevant than heuristics, and vice versa. Traditionally, in internetworking, business relationships have played a big role in determining whether or not to trust information offered by another party, whether that is routing information or data for other network operations.
First-hand knowledge/business relationship
- Internal business processes for own network
- Established, confidential and trusted information from neighbor networks
- Reliance on a third party (e.g., IRR)
Cryptography-based authentication of information is objective and automatable. Assuming the surrounding processes are sound, it allows information that has been tampered with to be detected.
- Management of cryptographic information may not align with business models
- Potentially subject to takedown/capture
- Reliant on yet another external chain of trust
- Computing – offline (batch) or real time
- Hardware upgrades
- Heavy duty computing requirements, especially for real time work
- Deploying and updating keying material across a network of routers is logistically challenging
Some combination of knowledge and assumptions may be brought to bear in evaluating information.
- Business logic
- Generally preferred by operators
- BGPStream uses heuristics