[165591] in North American Network Operators' Group
RE: Internet Surveillance and Boomerang Routing: A Call for
daemon@ATHENA.MIT.EDU (Marsh Ray)
Tue Sep 10 17:30:57 2013
From: Marsh Ray <maray@microsoft.com>
To: Bill Woodcock <woody@pch.net>, Jean-Francois Mezei
<jfmezei_nanog@vaxination.ca>
Date: Tue, 10 Sep 2013 21:30:35 +0000
In-Reply-To: <C0C0B5F0-9C20-4015-B27F-E6CC60C6233D@pch.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> From: Bill Woodcock [mailto:woody@pch.net]
> Subject: Re: Internet Surveillance and Boomerang Routing: A Call for
> Canadian Network Sovereignty
>
> On Sep 10, 2013, at 9:29 AM, Jean-Francois Mezei
> <jfmezei_nanog@vaxination.ca> wrote:
> > Will the market start to demand routes that avoid the USA if the
> > destination is not the USA ?
>
> Unlikely, all else being equal. The market demands the least expensive
> routes. Which is why we push for new IXPs on the Canadian side of the
> border, so that the _cheapest_ route will also be the _shortest_ route, and
> will remain within Canadian jurisdiction and the purview of Canadian personal
> privacy law, for instance.
Maybe it's time to dust off some of those "reserved for future use" IP security options.
It's almost as if someone saw this problem coming a long time ago.
- Marsh
https://tools.ietf.org/html/rfc791#page-17
Security
This option provides a way for hosts to send security,
compartmentation, handling restrictions, and TCC (closed user
group) parameters. The format for this option is as follows:
+--------+--------+---//---+---//---+---//---+---//---+
|10000010|00001011|SSS  SSS|CCC  CCC|HHH  HHH|  TCC   |
+--------+--------+---//---+---//---+---//---+---//---+
 Type=130 Length=11
Security (S field): 16 bits
Specifies one of 16 levels of security (eight of which are
reserved for future use).
00000000 00000000 - Unclassified
11110001 00110101 - Confidential
01111000 10011010 - EFTO
10111100 01001101 - MMMM
01011110 00100110 - PROG
10101111 00010011 - Restricted
11010111 10001000 - Secret
01101011 11000101 - Top Secret
00110101 11100010 - (Reserved for future use)
10011010 11110001 - (Reserved for future use)
01001101 01111000 - (Reserved for future use)
00100100 10111101 - (Reserved for future use)
00010011 01011110 - (Reserved for future use)
10001001 10101111 - (Reserved for future use)
11000100 11010110 - (Reserved for future use)
11100010 01101011 - (Reserved for future use)
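
Added example (not part of the original message or of RFC 791): a Python decoder for the Security option quoted above, which walks an IPv4 header's options, checks Length=11 and classifies the S field against the table. The 16-bit C and H fields and the 24-bit TCC field are taken from RFC 791 itself rather than the excerpt; find_security_option, sample_header and the sample addresses are constructed for illustration.

```python
import struct

# S-field code points copied from the table in the RFC 791 excerpt above.
S_LEVELS = {
    0b00000000_00000000: "Unclassified", 0b11110001_00110101: "Confidential",
    0b01111000_10011010: "EFTO",         0b10111100_01001101: "MMMM",
    0b01011110_00100110: "PROG",         0b10101111_00010011: "Restricted",
    0b11010111_10001000: "Secret",       0b01101011_11000101: "Top Secret",
}
S_RESERVED = {
    0b00110101_11100010, 0b10011010_11110001, 0b01001101_01111000,
    0b00100100_10111101, 0b00010011_01011110, 0b10001001_10101111,
    0b11000100_11010110, 0b11100010_01101011,
}

def find_security_option(ip_header: bytes):
    """Walk the IPv4 options area; decode option type 130 or return None."""
    ihl = (ip_header[0] & 0x0F) * 4 if ip_header else 0
    if ihl < 20 or len(ip_header) < ihl or ip_header[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    opts, i = ip_header[20:ihl], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                      # End of Option List
            break
        if kind == 1:                      # No Operation (single octet)
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option length")
        length = opts[i + 1]
        if kind == 130:
            if length != 11:
                raise ValueError("Security option must have Length=11")
            s, c, h = struct.unpack("!HHH", opts[i + 2:i + 8])
            tcc = int.from_bytes(opts[i + 8:i + 11], "big")
            level = S_LEVELS.get(s) or ("reserved" if s in S_RESERVED else "invalid")
            return {"level": level, "s": s, "c": c, "h": h, "tcc": tcc}
        i += length
    return None

def sample_header(s_value: int, opt_len: int = 11) -> bytes:
    """Constructed 32-byte IPv4 header (IHL=8, checksum left 0) with one option."""
    fixed = struct.pack("!BBHHHBBH4s4s", 0x48, 0, 32, 0, 0, 64, 6, 0,
                        bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    option = struct.pack("!BBHHH", 130, opt_len, s_value, 0, 0) + bytes(3)
    return fixed + option + b"\x00"        # End of Option List as padding
```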