BGP is not a secure protocol.

We may work out a way to make BGP somewhat more secure, but most likely to
defend against attacks such as flooding and DDoS rather than impersonation of

So why do you think it is appropriate for end user applications to make
assumptions about end entity identity on the basis of source IP address?

If you take a look at DKIM you will see that the approach there is to
independently authenticate the hops.
From: Iljitsch van Beijnum [mailto:iljitsch(_at_)muada(_dot_)com]
Sent: Fri 11/14/2008 3:57 AM
To: Hallam-Baker, Phillip
Cc: Keith Moore; Behave WG; IETF Discussion; Routing Research Group Mailing
List; Eric Klein; Mark Townsley
Subject: Re: [BEHAVE] Can we have on NAT66 discussion?
On 13 nov 2008, at 23:50, Hallam-Baker, Phillip wrote:

The most successful Internet protocols do not involve connections to
hosts today. SMTP is a connection to a service and has been for two
In SMTP the IP address does not remain constant end to end and never

SMTP is also the least secure protocol that is in wide use; hop-by-hop
forwarding without authentication of the message itself is a security
nightmare. We have the same issue with flooding of random IP packets.