Re: [lisp] Restarting last call on LISP threats

Dino Farinacci <farinacci@gmail.com> Thu, 15 May 2014 19:55 UTC

Return-Path: <farinacci@gmail.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D61BF1A02E6 for <lisp@ietfa.amsl.com>; Thu, 15 May 2014 12:55:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LKEiSGdXG-10 for <lisp@ietfa.amsl.com>; Thu, 15 May 2014 12:55:52 -0700 (PDT)
Received: from mail-yk0-x22d.google.com (mail-yk0-x22d.google.com [IPv6:2607:f8b0:4002:c07::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ACD991A0146 for <lisp@ietf.org>; Thu, 15 May 2014 12:55:52 -0700 (PDT)
Received: by mail-yk0-f173.google.com with SMTP id 142so1308077ykq.4 for <lisp@ietf.org>; Thu, 15 May 2014 12:55:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=P8hM/rbW1a2GJ6GYy9XuTKgymyt7qduiLWq472C2mzg=; b=z3XeGikAFuPk0zIONqg/Ca8yKsyOXdgytCBq+kD+7OM9FDoQHARLamg7E5DOlQI/YL ROHRT055XV2Rl9IrMXXMow6tLm9ZD9Y2qVV+PlA/NnvrRztK7hNefz3DOP+sW7ZX+d9Q /3FroG+D1GeOqoKqYF8W4oUsjVfyXjn8xk/YBg3d7xVyWFSSEjWHSxkwDYrTtjeM0Eh0 6SjN6T9ihyUt9uhvhbVob2V23ATLLd2pAcjXWVp/wOyH+zD64ihyc1Kw0/mSJb6MlKj8 h91VsWoDvB5ex3A1kM/kxMYytHfpMV/xeaVe4F8iUsvo2D0rMCm6EQfsHo6vcrbBcSa0 7vVg==
X-Received: by 10.236.180.169 with SMTP id j29mr18216994yhm.47.1400183745257; Thu, 15 May 2014 12:55:45 -0700 (PDT)
Received: from [10.241.191.15] ([166.205.49.172]) by mx.google.com with ESMTPSA id y3sm8657888yhd.28.2014.05.15.12.55.44 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 15 May 2014 12:55:44 -0700 (PDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Dino Farinacci <farinacci@gmail.com>
X-Mailer: iPhone Mail (11D167)
In-Reply-To: <b8a367fbacd544f088e615ee5dea7001@CO1PR05MB442.namprd05.prod.outlook.com>
Date: Thu, 15 May 2014 15:55:44 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <37C7547E-E012-41F3-B49D-994397310FB4@gmail.com>
References: <536CFA13.4010102@joelhalpern.com> <4e6c0aaac8fb4aba87ab137cc49b51dc@CO2PR05MB636.namprd05.prod.outlook.com> <CAKFn1SH_gu1+e6EsWESBsRw9EGiSQ+Z5r9E7GEhMO1FdNuM9nQ@mail.gmail.com> <e03a83d7e45345dfbbe5f08f54cb47fa@CO2PR05MB636.namprd05.prod.outlook.com> <11916828-2EE5-4B46-B6F3-994CD9DBA42D@gmail.com> <b8a367fbacd544f088e615ee5dea7001@CO1PR05MB442.namprd05.prod.outlook.com>
To: Ronald Bonica <rbonica@juniper.net>
Archived-At: http://mailarchive.ietf.org/arch/msg/lisp/knt1uyh5xZJhHSnBW19jFLolH64
Cc: Roger Jorgensen <rogerj@gmail.com>, "lisp@ietf.org" <lisp@ietf.org>
Subject: Re: [lisp] Restarting last call on LISP threats
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 May 2014 19:55:54 -0000

> 
> Don't you always have to trust the mapping system? 

Yes. 

> Did you mean to say, "If you want to trust the originator of the gleaned information, ...." ?

Yes. But what I wrote was not incorrect. If the gleaned information comes from an xTR from the site, you are not trusting the mapping system at this point. 

Dino