
RE: Identifiers



From: marcelo bagnulo [mailto:mbagnulo@ing.uc3m.es] wrote:
>The point is that if we care about destination addresses being genuine, we
>may also need to care about source addresses being genuine, depending on the
>sense of direction that the considered solution has. I mean, if the source
>address of established communications will be used as destination address
>for following communications, if an attacker succeeds in convincing a victim
>that IPA is one of its source addresses, following communications
>established by the victim to IPA will be routed to the attacker.

This point resonates with me. 

Also, if it were possible today to know that the source IP address were a 
genuine IP address, then that would strengthen a deployment's security posture. 
That is, today we can't know if many attacks are using spoofed addresses or not. 
However, if we could know that the source address was not valid, then we could 
identify that packet as being an attack and discard/ignore it (e.g., during a 
(D)DoS attack). Our security posture would be further improved if we could know 
that the claimed sender did indeed send that packet (i.e., non-repudiation; i.e., 
knowing whether a genuine address was being spoofed or not). 

Changing topics, I am confused (perhaps because I am a newbie on this list) 
by the earlier discussion about authentication and authorization. I
would have thought that we would be using IPSec (whether AH or ESP) for 
situations requiring authentication at the network layer. Is there a reason
why we aren't using IPSec but rather need an alternative network layer provision?