Why should I need to trust some vague certificate authority? I'd rather trust DANE/TLSA and DNSSEC. Or something similar.
Solving the trust problem in routing would require ISPs to manually whitelist which AS advertisements are valid on any given interconnect - you know something is wrong if Comcast advertises some Virgin Media network, or whatever.
Encryption by itself can't solve trust. It can only protect against MITM.
Solving the trust problem in routing would require ISPs to manually whitelist which AS advertisements are valid on any given interconnect - you know something is wrong if Comcast advertises some Virgin Media network, or whatever.
Encryption by itself can't solve trust. It can only protect against MITM.