Re: [GROW] last call for draft-ietf-grow-unique-origin-as-00

marcelo bagnulo braun <marcelo@it.uc3m.es> Tue, 21 December 2010 20:39 UTC

On 21/12/10 21:22, Roland Dobbins wrote:
> On Dec 22, 2010, at 3:17 AM, marcelo bagnulo braun wrote:
>
>> making the parts of the network taking the rogue announce for valid likely to be higher, than in the case of the anycast, where there are several legitimate origins.
> No, because *upon investigation*, it's generally considerably easier to determine which announcements are legitimate and which aren't for a given prefix which isn't anycasted vs. doing so for one which is anycasted.

Right, so basically what you are saying is that if there is a unicast
announcement that should come from a single origin, it is easier to
distinguish the rogue announcements than in the case of an anycast
announcement, where it can come from multiple origins?

If that is the case, I can see that.
Now that doesn't imply afaict that the surface of the attack will be
bigger, just that it is harder to identify.
Second, it is not obvious to me why having different origins for each
anycast location makes this situation any easier in the case of a
malicious attacker (who could potentially include a false origin in
its announcement).

Regards, marcelo
