Re: [BEHAVE] Can we have on NAT66 discussion?

ietf

Re: [BEHAVE] Can we have on NAT66 discussion?

2008-11-14 12:42:53

Hallam-Baker, Phillip wrote:

BGP is not a secure protocol.
 
We may work out a way to make BGP somewhat more secure, but most likely
to defend against attacks such as flooding and DDoS rather than
impersonation of end entities.
 
So why do you think it is appropriate for end user applications to make
assumptions about end entity identity on the basis of source IP address?


I don't.  But the mapping service still need to be secure to thwart DoS
attacks.  (and it's a lot easier to get away with DoS attacks if you can
make them surgical - i.e. if you can make them apply only to a very
limited target without effecting anyone else)

Keith
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [BEHAVE] Can we have on NAT66 discussion?, (continued) Re: [BEHAVE] Can we have on NAT66 discussion?, Keith Moore RE: [BEHAVE] Can we have on NAT66 discussion?, Hallam-Baker, Phillip Re: [BEHAVE] Can we have on NAT66 discussion?, Keith Moore FTP to HISTORIC? RE: [BEHAVE] Can we have on NAT66 discussion?, Hallam-Baker, Phillip Re: FTP to HISTORIC? RE: [BEHAVE] Can we have on NAT66 discussion?, Keith Moore Message not available Re: FTP to HISTORIC? RE: [BEHAVE] Can we have on NAT66 discussion?, SM Re: FTP to HISTORIC? RE: [BEHAVE] Can we have on NAT66 discussion?, Tom.Petch Re: FTP to HISTORIC? RE: [BEHAVE] Can we have on NAT66 discussion?, Iljitsch van Beijnum Re: [BEHAVE] Can we have on NAT66 discussion?, Iljitsch van Beijnum RE: [BEHAVE] Can we have on NAT66 discussion?, Hallam-Baker, Phillip Re: [BEHAVE] Can we have on NAT66 discussion?, Keith Moore <= Re: [BEHAVE] Can we have on NAT66 discussion?, Iljitsch van Beijnum Re: [BEHAVE] Can we have on NAT66 discussion?, Eric Klein RE: [BEHAVE] Can we have on NAT66 discussion?, Hallam-Baker, Phillip RE: [BEHAVE] Can we have on NAT66 discussion?, Darrel Lewis (darlewis) Re: [BEHAVE] Can we have on NAT66 discussion?, Rémi Denis-Courmont Re: [BEHAVE] Can we have on NAT66 discussion?, Eric Klein RE: [BEHAVE] Can we have on NAT66 discussion?, michael.dillon RE: [BEHAVE] Can we have on NAT66 discussion?, Darrel Lewis (darlewis) Re: [BEHAVE] Can we have on NAT66 discussion?, Margaret Wasserman

Previous by Date:	Re: uncooperative DNSBLs, IETF misinformation (was: several messages), Al Iverson
Next by Date:	Re: Context specific semantics was Re: uncooperative DNSBLs, was several messages, Ted Hardie
Previous by Thread:	RE: [BEHAVE] Can we have on NAT66 discussion?, Hallam-Baker, Phillip
Next by Thread:	Re: [BEHAVE] Can we have on NAT66 discussion?, Iljitsch van Beijnum
Indexes:	[Date] [Thread] [Top] [All Lists]