Reading this set of notes on security, SPAM and viruses.
I would like to modestly contribute:
-"Ends cannot be trusted":
I think any security implementation needs to be done on the routers part
of the BGP. I think you can control the BGP people better than the ends.
AS numbers would be attributed after a certain number of security
measures are implemented and maintained on the BGP network. I do not
know what these security measures are, but I guess this is the target
area. Organisations like APNIC, RIPE and ARIN could do this work and get
paid for it from their membership. One simple thing would be to put all
the BGP router administrators on an alert mailing list that would send
packets signatures of bad traffic in view to report it or discard it.
-"Lack or PKI", "Spam is mail from strangers that I don't want to
receive but I still want to receive mail from strangers"
Well, the important concept here is traceability. if all mails are
signed it won't stop spam or viruses, but we will know where they are
coming from. We, users, may refuse to receive mail if it is not signed.
Infected machine may sign mail automatically, so we still know where it
is coming from, so that this data can be handed to real world people for
prosecution. As in the above point if we can trace back the problem area
then we will have some evidence on where the virus/spam is coming
from... I talked before on this list about a global PKI linked to DNS...
-"Lack of whois structure"
Have you see how difficult it is to know which IP belongs to who? The
whois system for IP needs to be standardised and each person who gets an
IP range for redistribution must implement a whois system in conformance
with standards.
-"We need a new body: The Internet Security Task Force"
This body would be in charge to make recommendations and review from a
security point of view the RFCs as well as create some RFCs. It would
send advisories about implementation not conforming to security
standards set in RFCs. It would also coordinate all activities from all
security institutes. It would recommend procedures to disconnect part of
the network which are not secure or secured in a defined time frame. The
BGP people could threaten to disconnect part of the network in a certain
time-frame if it is not secure or sending SPAM, the ISP will then
threaten the lower ISP that will disconnect the end until it is fixed
(like the IETF58 jail for bad computers?) . It would also help foster
open-source(?) projects which goals are to increase the network
security. Would ISOC set up such body?
Finally on a humoristic note, if you want legislation SPAM lawyers and
MPs....
Cheers
On Fri, 2003-11-14 at 16:57, Spencer Dawkins wrote:
These are my preliminary notes from the Plenaries - neither official
nor complete. Please send me corrections and misattributions!
Thanks,
Spencer
----
Franck Martin
franck(_at_)sopac(_dot_)org
SOPAC, Fiji
GPG Key fingerprint = 44A4 8AE4 392A 3B92 FDF9 D9C6 BE79 9E60 81D9 1320
"Toute connaissance est une reponse a une question" G.Bachelard
signature.asc
Description: This is a digitally signed message part