Another flaky idea - Verification (1)

Each EBGP speaker adds a capability containing a list of ‘prefix verification servers’ to the session, together with a key that will permit the speaker to query the server

It’s assumed the session itself is safe from malicious interception through (say) BGP Authentication

Lightweight authenticated protocol can be used to verify prefixes
- Could be similar DNSSEC a la rekhter/li/bates/bush or something else

Each EBGP speaker adds a capability containing a list of ‘prefix verification servers’ to the session, together with a key that will permit the speaker to query the server