On Fri, 11 Feb 2000 16:35:18 EST, Paul Ferguson said:
Do you think that if RFC2267 was advanced as a BCP that
it would carry more weight, and therefore more ISP's would
implement RFC2267-style filtering? Coupled with the latest
denial of service attacks?
On the one hand, I think it would make a good candidate for BCP. It seems
to be similar in tone with RFCs 2502 and 2644. I'd have to re-read it to
see if it would need any textual changes, or if it's OK as it is.
I was talking to a co-worker on this topic, and his exact quote was
"We have our s--t more together than most sites, despite our best
efforts". The problem is that he was right - our site may have clue,
but there's a lot of uneducated sites out there.
Does anybody have statistics on how effective RFC2350 (Expectations
for Computer Security Incident Response) was? Or RFC2502 (Anti-Spam
Recommendations for SMTP MTAs)? Or RFC2644 ( Changing the Default for
Directed Broadcasts in Routers)? It would seem reasonable that moving
2267 to BCP should have a similar effectiveness...
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech