[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Renumbering... ACLs etc.

To: <tony.li@tony.li>
Subject: Re: [RRG] Renumbering... ACLs etc.
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Mon, 18 Aug 2008 11:30:00 +0200
Cc: "'Robin Whittle'" <rw@firstpr.com.au>, "'Routing Research Group'" <rrg@psg.com>
In-reply-to: <A0C4C5EB5B1D4E4C8C781CF4789F26D8@ad.redback.com>
References: <20080816165144.2FAD66BE5BD@mercury.lcs.mit.edu> <E11E2692-3853-4F87-ADC2-A44334378026@nomadiclab.com> <67FD447745684B4F98360E7117C779B4@ad.redback.com> <48A84B03.2050209@firstpr.com.au> <A0C4C5EB5B1D4E4C8C781CF4789F26D8@ad.redback.com>

On 17 aug 2008, at 20:31, Tony Li wrote:

I think you're missing the point: having a firewall filter on ANYfield setby a correspondent that cannot be strongly authenticated is simplyasking
for trouble.

To date, folks have claimed that the return routability of theaddress was'enough' security. However, that depends on routing being secure.I hope
the folks in this group are aware of the reality in that regard.


Security is in the eye of the beholder.

The problem with people that have "security" in their job title isthat they never know when to stop. (Well, it is of course inconvenientthat every criminal in the world lives less than 300 ms away from yourvaluables.)

In the real world, most buildings have glass windows that are easilybroken. They provide only a relatively low level of security. (Onecould argue that the only thing that it does is clearly differentiatebetween people who are breaking in and people that aren't.) For mostpeople this is good enough most of the time.

Similarly, the return routability check provides enough security formost people most of the time.

The fact that a bank needs better security than glass windows doesn'tmean that glass windows are useless so we can remove them. Also, iffor some reason we would have to get rid of glass, telling everyone togo live in a bank vault isn't the solution. We'd have to come up withsomething that is as inobtrusive as glass and provides at least thesame level of security, although as long as we're working on it, we'dprobably want to improve the security level given the same usabilitylevel.

In other words: in a loc/id solution you lose the return routabilitycheck on the identifiers so new security mechanisms are needed thatare at least as strong as the (fairly weak) return routability check.These need to be easier to work with and more efficient than IPsec,though.


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg

Follow-Ups:
- RE: [RRG] Renumbering... ACLs etc.
  - From: "Tony Li" <tony.li@tony.li>

References:
- Re: [RRG] Renumbering...
  - From: jnc@mercury.lcs.mit.edu (Noel Chiappa)
- Re: [RRG] Renumbering...
  - From: Christian Vogt <christian.vogt@nomadiclab.com>
- RE: [RRG] Renumbering...
  - From: "Tony Li" <tony.li@tony.li>
- Re: [RRG] Renumbering... ACLs etc.
  - From: Robin Whittle <rw@firstpr.com.au>
- RE: [RRG] Renumbering... ACLs etc.
  - From: "Tony Li" <tony.li@tony.li>

Prev by Date: Re: [RRG] Renumbering... ACLs etc.
Next by Date: Re: [RRG] Renumbering... ACLs etc.
Previous by thread: Re: [RRG] Renumbering... ACLs etc.
Next by thread: RE: [RRG] Renumbering... ACLs etc.
Index(es):
- Date
- Thread