Clarification of when authentication is used

Gary Scott Malkin <gmalkin@xylogics.com> Tue, 02 August 1994 22:00 UTC

Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa14597; 2 Aug 94 18:00 EDT
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa14593; 2 Aug 94 18:00 EDT
Received: from atlas.xylogics.com by CNRI.Reston.VA.US id aa18148; 2 Aug 94 18:00 EDT
Received: by atlas.xylogics.com id AA04416 (5.65c/UK-2.1-940401); Tue, 2 Aug 1994 18:01:27 -0400
Received: by atlas.xylogics.com id AA30565 (5.65c/UK-2.1-940401); Tue, 2 Aug 1994 18:01:12 -0400
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Gary Scott Malkin <gmalkin@xylogics.com>
Date: Tue, 2 Aug 1994 18:01:12 -0400
Message-Id: <30565.199408022201@atlas.xylogics.com>
To: fbaker@acc.com
Cc: ietf-rip@xylogics.com
In-Reply-To: Fred Baker's message of Tue, 2 Aug 1994 14:44:43 -0800 <9408022144.AB00429@fennel.acc.com>
Subject: Clarification of when authentication is used

> I dunno, I would agree with Jeff's assessment: it is information exchange
> we are authenticating, we shouldn't break the management applications that
> use RIP Requests to dump route tables. Having said which, seems like the
> same logic applies to passwords.

But that means there's no way to prevent outsiders from finding out what
your routing table looks like.  Speaking for myself, I'd don't think that
is a serious problem.  However, I remember, during the RREQ debates lo
these many years ago, that some secure sites didn't even want to have to
decrement the hop count for fear of giving away topology information.

----------------------------------------------------------------------
Gary Malkin                                          Cheap, Fast, Good
(617) 272-8140                                       Pick two!