Re: [GROW] last call for draft-ietf-grow-unique-origin-as-00

marcelo bagnulo braun <marcelo@it.uc3m.es> Tue, 21 December 2010 21:16 UTC


On 21/12/10 21:46, Roland Dobbins wrote:
> On Dec 22, 2010, at 3:41 AM, marcelo bagnulo braun wrote:
>
>> Now that doesn't imply afaict that the surface of the attack will be bigger, just that it is harder to identify.
> Disagree.  Confusion in and of itself represents a broadening of the attack surface.
>

mmm, maybe we are having a terminology issue here, i was using surface 
== Catchment

what do you mean by surface?
>> Second, it is not obvious to me why having different origins for each anycast location makes this situation any easier in the case of a malicious attacker (who could potentially include a false origin in its announcement)
> At the moment, there are out-of-band mechanisms which in many (not all) instances can be utilized to sort the sheep from the goats.  Obviously, technological - and therefore more automagic - mechanisms for doing so are preferred, and there is considerable activity in that regard (i.e., rPKI).
>
right, i can see that this _in conjunction_ with RPKI helps to deal with 
this. So, i see this as an enabler, not as a solution per se (i.e. 
without RPKI, the attacker can include a false origin and get away with it)

Regards, marcelo

