Hallam-Baker, Phillip wrote:
BGP is not a secure protocol.
We may work out a way to make BGP somewhat more secure, but most likely
to defend against attacks such as flooding and DDoS rather than
impersonation of end entities.
So why do you think it is appropriate for end user applications to make
assumptions about end entity identity on the basis of source IP address?
I don't. But the mapping service still need to be secure to thwart DoS
attacks. (and it's a lot easier to get away with DoS attacks if you can
make them surgical - i.e. if you can make them apply only to a very
limited target without effecting anyone else)
Ietf mailing list