[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RRG] Renumbering... ACLs etc.
On 17 aug 2008, at 20:31, Tony Li wrote:
I think you're missing the point: having a firewall filter on ANY
field set
by a correspondent that cannot be strongly authenticated is simply
asking
for trouble.
To date, folks have claimed that the return routability of the
address was
'enough' security. However, that depends on routing being secure.
I hope
the folks in this group are aware of the reality in that regard.
Security is in the eye of the beholder.
The problem with people that have "security" in their job title is
that they never know when to stop. (Well, it is of course inconvenient
that every criminal in the world lives less than 300 ms away from your
valuables.)
In the real world, most buildings have glass windows that are easily
broken. They provide only a relatively low level of security. (One
could argue that the only thing that it does is clearly differentiate
between people who are breaking in and people that aren't.) For most
people this is good enough most of the time.
Similarly, the return routability check provides enough security for
most people most of the time.
The fact that a bank needs better security than glass windows doesn't
mean that glass windows are useless so we can remove them. Also, if
for some reason we would have to get rid of glass, telling everyone to
go live in a bank vault isn't the solution. We'd have to come up with
something that is as inobtrusive as glass and provides at least the
same level of security, although as long as we're working on it, we'd
probably want to improve the security level given the same usability
level.
In other words: in a loc/id solution you lose the return routability
check on the identifiers so new security mechanisms are needed that
are at least as strong as the (fairly weak) return routability check.
These need to be easier to work with and more efficient than IPsec,
though.
--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg