IETF Logo Mail Archive

Re: [RPSEC] Feedback on draft-behringer-bgp-session-req-01

Ron Bonica <rbonica@juniper.net> Fri, 22 June 2007 17:02 UTC

Return-path: <rpsec-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I1mWd-0004Ds-7n; Fri, 22 Jun 2007 13:02:23 -0400
Received: from rpsec by megatron.ietf.org with local (Exim 4.43) id 1I1mWc-0004Dn-PZ for rpsec-confirm+ok@megatron.ietf.org; Fri, 22 Jun 2007 13:02:22 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I1mWc-0004Df-G8 for rpsec@ietf.org; Fri, 22 Jun 2007 13:02:22 -0400
Received: from borg.juniper.net ([207.17.137.119] helo=smtpb.juniper.net) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I1mWa-00079h-5u for rpsec@ietf.org; Fri, 22 Jun 2007 13:02:22 -0400
Received: from unknown (HELO proton.jnpr.net) ([10.10.2.37]) by smtpb.juniper.net with ESMTP; 22 Jun 2007 10:02:19 -0700
Received: from [172.23.1.54] ([172.23.1.54] RDNS failed) by proton.jnpr.net with Microsoft SMTPSVC(6.0.3790.1830); Fri, 22 Jun 2007 13:02:18 -0400
Message-ID: <467C0094.3070900@juniper.net>
Date: Fri, 22 Jun 2007 13:02:12 -0400
From: Ron Bonica <rbonica@juniper.net>
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Stephen Kent <kent@bbn.com>
Subject: Re: [RPSEC] Feedback on draft-behringer-bgp-session-req-01
References: <467AE0B5.2080104@isi.edu> <C35ADD020AEBD04383C1F7F644227FDF03E688C4@xmb-sjc-227.amer.cisco.com> <467BDADD.3000406@isi.edu> <p0624050ac2a19691e536@[128.89.89.71]>
In-Reply-To: <p0624050ac2a19691e536@[128.89.89.71]>
X-Enigmail-Version: 0.93.0.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 22 Jun 2007 17:02:18.0408 (UTC) FILETIME=[17474A80:01C7B4EF]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0ddefe323dd869ab027dbfff7eff0465
Cc: "Barry Greene \(bgreene\)" <bgreene@cisco.com>, rpsec@ietf.org, Joe Touch <touch@ISI.EDU>
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/rpsec>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=subscribe>
Errors-To: rpsec-bounces@ietf.org

Folks,

I think that the following word might be useful as we discuss the proper
classification of GTSM within the taxonomy of security mechanisms:

http://www.worldwidewords.org/weirdwords/ww-tet1.htm

                              all in good fun ;-)
                                  Ron


Stephen Kent wrote:
> At 7:21 AM -0700 6/22/07, Joe Touch wrote:
> 
>> Content-Type: multipart/signed; micalg=pgp-sha1;
>>     protocol="application/pgp-signature";
>>     boundary="------------enigB1D3AB5BCF55D129E9BDB950"
>>
>> Hi, Barry,
>>
>> Barry Greene (bgreene) wrote:
>>
>>>  I guess we have differing views on the definition of "security." If I
>>>  can classify based on a policy which provides me more resistance from
>>>  attacks, then that is a "security tool." Hence, GTSM is a security
>>> tool.
>>
>>
>> GTSM could be classified as a security tool, but it is not IP layer
>> security. It is a mechanism an endpoint can use to increase its
>> resistance to attack, as you note, but it doesn't particularly protect
>> any single protocol layer or header.
>>
>> Joe
> 
> 
> 
> GTSM also has a very limited (although important) scope, since it is
> generally applicable only in contexts where one can predict the
> appropriate TTL value for legitimate traffic (and where active attacks
> on the path the traffic is traversing are not assumed to be viable).
> 
> Steve
> 
> 
> _______________________________________________
> RPSEC mailing list
> RPSEC@ietf.org
> https://www1.ietf.org/mailman/listinfo/rpsec
> 


_______________________________________________
RPSEC mailing list
RPSEC@ietf.org
https://www1.ietf.org/mailman/listinfo/rpsec

v2.8.7 | Report a Bug | By Email