[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] Renumbering... ACLs etc.



On 17 aug 2008, at 20:31, Tony Li wrote:

I think you're missing the point: having a firewall filter on ANY field set by a correspondent that cannot be strongly authenticated is simply asking
for trouble.

To date, folks have claimed that the return routability of the address was 'enough' security. However, that depends on routing being secure. I hope
the folks in this group are aware of the reality in that regard.

Security is in the eye of the beholder.

The problem with people that have "security" in their job title is that they never know when to stop. (Well, it is of course inconvenient that every criminal in the world lives less than 300 ms away from your valuables.)

In the real world, most buildings have glass windows that are easily broken. They provide only a relatively low level of security. (One could argue that the only thing that it does is clearly differentiate between people who are breaking in and people that aren't.) For most people this is good enough most of the time.

Similarly, the return routability check provides enough security for most people most of the time.

The fact that a bank needs better security than glass windows doesn't mean that glass windows are useless so we can remove them. Also, if for some reason we would have to get rid of glass, telling everyone to go live in a bank vault isn't the solution. We'd have to come up with something that is as inobtrusive as glass and provides at least the same level of security, although as long as we're working on it, we'd probably want to improve the security level given the same usability level.

In other words: in a loc/id solution you lose the return routability check on the identifiers so new security mechanisms are needed that are at least as strong as the (fairly weak) return routability check. These need to be easier to work with and more efficient than IPsec, though.

--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg