Re: [lisp] Restarting last call on LISP threats

Dino Farinacci <farinacci@gmail.com> Tue, 27 May 2014 15:04 UTC

Return-Path: <farinacci@gmail.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 156DD1A0171 for <lisp@ietfa.amsl.com>; Tue, 27 May 2014 08:04:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EVd-QHaqyCJk for <lisp@ietfa.amsl.com>; Tue, 27 May 2014 08:04:48 -0700 (PDT)
Received: from mail-pa0-x230.google.com (mail-pa0-x230.google.com [IPv6:2607:f8b0:400e:c03::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F37E1A013B for <lisp@ietf.org>; Tue, 27 May 2014 08:04:48 -0700 (PDT)
Received: by mail-pa0-f48.google.com with SMTP id rd3so9266739pab.21 for <lisp@ietf.org>; Tue, 27 May 2014 08:04:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=q/WQFsB8U/4xmswLh2qKzseqpLnIvBOC/sybEMC/vqs=; b=Lmhcf6ucRAVSHwY9vYKqwuQb5t+g5E1KLH+oZeM5HeGAO+i5c4SAuqijZvNU3fjkOW I4GeM3Xc8sFGVqBcZEwoYzJS63IyHN0BVVfjbFAygrrvTGSUMQioqmga5mijyug71Ngy TK21OT18X6d2oijTK+6RV4bguWlLPqdYkiR7B13+moH+88m+rusv/ZU1OBRHAx7Ljudp pcOlbPscmVEJIVzhn4o+9ppHf8u50LpsnaoOrfxr+n+US9fchdlX+ZnwHBKUkxEKS6AM +1EEQ/Qxgrinsb/Z8vN6xeRxYif9lf/eZqJlw7Ge+ApmW3hmP+Di6KcvBllX7T2IksDh 8YPw==
X-Received: by 10.68.226.197 with SMTP id ru5mr37329621pbc.77.1401203085074; Tue, 27 May 2014 08:04:45 -0700 (PDT)
Received: from [192.168.1.174] ([207.145.253.66]) by mx.google.com with ESMTPSA id op3sm23786662pbc.40.2014.05.27.08.04.43 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 27 May 2014 08:04:44 -0700 (PDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Dino Farinacci <farinacci@gmail.com>
In-Reply-To: <029e0f8bc7ba433ba4d3ee70b8431f9f@CO1PR05MB442.namprd05.prod.outlook.com>
Date: Tue, 27 May 2014 08:04:42 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <FB6C01EE-2BB8-4848-8AA2-9512F8FE064A@gmail.com>
References: <536CFA13.4010102@joelhalpern.com> <4e6c0aaac8fb4aba87ab137cc49b51dc@CO2PR05MB636.namprd05.prod.outlook.com> <CAKFn1SH_gu1+e6EsWESBsRw9EGiSQ+Z5r9E7GEhMO1FdNuM9nQ@mail.gmail.com> <1a200c5f5de041fbaf88edd1a5c3159c@CO1PR05MB442.namprd05.prod.outlook.com> <CAKFn1SEAZyydpQ4cx77mthsUx1HZqMwsM6xNuL4LJjG=oL1mjw@mail.gmail.com> <860b7987207345afb282a82862ff42c0@CO1PR05MB442.namprd05.prod.outlook.com> <F4799A7A-BAEF-458A-8C43-9DF16C9B7828@gmail.com> <e3be912f6afd4f0aa6c8414fede37c74@CO1PR05MB442.namprd05.prod.outlook.com> <2CF699DA-2BAA-4A76-BFF1-64625E001184@gmail.com> <09d3b0d276004c88b6de1a59cf863062@CO1PR05MB442.namprd05.prod.outlook.com> <3269BEE4-C3E5-4D76-A1C0-0B70B6928A12@gmail.com> <dd849ce0cca749c885c5b8a1e989f758@CO1PR05MB442.namprd05.prod.outlook.com> <538361DA.10808@joelhalpern.com> <029e0f8bc7ba433ba4d3ee70b8431f9f@CO1PR05MB442.namprd05.prod.outlook.com>
To: Ronald Bonica <rbonica@juniper.net>
X-Mailer: Apple Mail (2.1874)
Archived-At: http://mailarchive.ietf.org/arch/msg/lisp/VrY-4Uh_MKW4kFrGLLVlmTViqwU
Cc: Roger Jorgensen <rogerj@gmail.com>, LISP mailing list list <lisp@ietf.org>
Subject: Re: [lisp] Restarting last call on LISP threats
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 May 2014 15:04:49 -0000

> Also, recall that large BCP38 holes exist in today's internet.

And I am going to repeat again, this is not a binary statement. That is, if a BCP38 hole exists in one part of the network, source spoofing can still be detected in other parts of the network.

Dino