Hallam-Baker, Phillip wrote:
Just to clarify some of my earlier comments.
I do think this is a serious issue. That does not mean I believe that the
existing security mechanisms are entirely inadequate. It simply means that I
think we should try to understand whether this is the case or not.
If this threat any worse than all of the possibly threats against DNS?
If it is on the same level, than we should just mention both in the
discussion document. That should be sufficient.
As for solutions, it might be something that the routing folks need to
deal with. I am not sure if we have the mandate or the expertise to deal
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Power tends to corrupt, and absolute power corrupts absolutely" (Lord
Asrg mailing list