In message <20161230024719(_dot_)36002(_dot_)qmail(_at_)ary(_dot_)lan>, "John
Levine" writes:
In article <m2poka5e9p(_dot_)wl-randy(_at_)psg(_dot_)com> you write:
We do have the technology to provide a CERT to every customer. See
SIDR.
see frequent residential address reassignment
That's not really a problem, since vanishingly few resi customers are
multihomed. The problem occurs with customers who are big enough to
be multihomed but not so big that they have a staff that knows all
of the magic of BGP and expensive routers.
R's,
John
And it should be possible for a router to request a CERT for the
addresses is it allocated by ISP A along with their assignment
and provide it to ISP B, ISP C ... It just needs to supply
a public key for a private key it knows so the allocation process
can fill in the rest of the details and sign it.
Whether this ever gets down to residential equipement I don't know
but it would theoretically work. There is no reason it couldn't
work.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka(_at_)isc(_dot_)org