Re: [lisp] Restarting last call on LISP threats

Dino Farinacci <farinacci@gmail.com> Mon, 19 May 2014 17:57 UTC

To: Ronald Bonica <rbonica@juniper.net>
Archived-At: http://mailarchive.ietf.org/arch/msg/lisp/74UyYUoLeAYQVmiCK4lNTz47vUk
Cc: Roger Jorgensen <rogerj@gmail.com>, "lisp@ietf.org" <lisp@ietf.org>
Subject: Re: [lisp] Restarting last call on LISP threats

In those cases we do mapping database RPF lookups. 

Dino



> On May 19, 2014, at 10:14 AM, Ronald Bonica <rbonica@juniper.net> wrote:
> 
> Dino,
> 
> The Spoofer Project (http://spoofer.cmand.org/summary.php) offers a longitudinal view of BCP 38 deployment. I think that the results that they report validate Sander's objection. Furthermore, they may suggest that Sander's objection will remain valid for years to come.
> 
> Ron
> 
> 
>> -----Original Message-----
>> From: Dino Farinacci [mailto:farinacci@gmail.com]
>> Sent: Friday, May 16, 2014 7:37 PM
>> To: Sander Steffann
>> Cc: Ronald Bonica; Roger Jorgensen; lisp@ietf.org
>> Subject: Re: [lisp] Restarting last call on LISP threats
>> 
>>> Unfortunately this is not unlikely :(  I certainly wouldn't consider it an amazing feat... BCP38 is not implemented as much as it should be.
>> 
>> I know there are many cases where BCP38 is not practiced but more and more
>> access providers do uRPF.
>> 
>> You only need one in the path. And the ones that don't do it are using
>> resources to transit packets to possible black holes.
>> 
>> Dino