Re: [lisp] Restarting last call on LISP threats

Sander Steffann <sander@steffann.nl> Fri, 16 May 2014 19:15 UTC

Return-Path: <sander@steffann.nl>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF3F11A0338 for <lisp@ietfa.amsl.com>; Fri, 16 May 2014 12:15:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.194
X-Spam-Level:
X-Spam-Status: No, score=0.194 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z3rXW7AwqV43 for <lisp@ietfa.amsl.com>; Fri, 16 May 2014 12:15:24 -0700 (PDT)
Received: from mail.sintact.nl (mail.sintact.nl [IPv6:2001:9e0:803::6]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D4621A0103 for <lisp@ietf.org>; Fri, 16 May 2014 12:15:24 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.sintact.nl (Postfix) with ESMTP id A3EED3F; Fri, 16 May 2014 21:15:15 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at mail.sintact.nl
Received: from mail.sintact.nl ([127.0.0.1]) by localhost (mail.sintact.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fJiG8364PimH; Fri, 16 May 2014 21:15:07 +0200 (CEST)
Received: from [172.20.10.3] (unknown [172.20.10.3]) by mail.sintact.nl (Postfix) with ESMTPSA id C58C23B; Fri, 16 May 2014 21:13:04 +0200 (CEST)
Content-Type: text/plain; charset=iso-8859-1
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Sander Steffann <sander@steffann.nl>
In-Reply-To: <F4799A7A-BAEF-458A-8C43-9DF16C9B7828@gmail.com>
Date: Fri, 16 May 2014 21:11:00 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <8891A030-B462-48D9-83B4-4E42525F38CE@steffann.nl>
References: <536CFA13.4010102@joelhalpern.com> <4e6c0aaac8fb4aba87ab137cc49b51dc@CO2PR05MB636.namprd05.prod.outlook.com> <CAKFn1SH_gu1+e6EsWESBsRw9EGiSQ+Z5r9E7GEhMO1FdNuM9nQ@mail.gmail.com> <1a200c5f5de041fbaf88edd1a5c3159c@CO1PR05MB442.namprd05.prod.outlook.com> <CAKFn1SEAZyydpQ4cx77mthsUx1HZqMwsM6xNuL4LJjG=oL1mjw@mail.gmail.com> <860b7987207345afb282a82862ff42c0@CO1PR05MB442.namprd05.prod.outlook.com> <F4799A7A-BAEF-458A-8C43-9DF16C9B7828@gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
X-Mailer: Apple Mail (2.1874)
Archived-At: http://mailarchive.ietf.org/arch/msg/lisp/WpZToavdNMxaetJbmQNLUqKlaA4
Cc: Roger Jorgensen <rogerj@gmail.com>, "lisp@ietf.org" <lisp@ietf.org>
Subject: Re: [lisp] Restarting last call on LISP threats
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 May 2014 19:15:26 -0000

Hi Dino,

> If Roger managed to get packets to me with BOTH your EID and RLOC, then I really don't know if those packets are coming from Ron. 
> 
> Now how Roger does this will be an amazing feat because a lot of ISPs between Roger and me would be very broken.

Unfortunately this is not unlikely :(  I certainly wouldn't consider it an amazing feat... BCP38 is not implemented as much as it should be.

Cheers,
Sander