[67741] in North American Network Operators' Group
Re: Clueless service restrictions (was RE: Anti-spam System Idea)
daemon@ATHENA.MIT.EDU (Paul Jakma)
Thu Feb 19 01:55:50 2004
Date: Thu, 19 Feb 2004 06:51:04 +0000 (GMT)
From: Paul Jakma <paul@clubi.ie>
To: Alex Bligh <alex@alex.org.uk>
Cc: "Steven M. Bellovin" <smb@research.att.com>,
Tony Hain <alh-ietf@tndh.net>, nanog@merit.edu
In-Reply-To: <459416656.1077062177@[192.168.100.25]>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 17 Feb 2004, Alex Bligh wrote:
> they in turn chose to trust. Take BGP (by which I mean eBGP) as the case in
> point: [...] The trust relationship is
> important, [...]. BGP allows me (in commonly deployed form) to run
> a relatively
> secure protocol between peers, and deploy (almost) universal end-to-end
> connectivity for IP packets in a manner that does not necessarily involve
> end users in needing to know anything about it bar "if the routing doesn't
> work, I move providers";
Right but:
- The world of BGP peers is a rarified one, there are, what, <20k
ASes out there? Nearly all are medium sized enterprises, institutions
or organisations or bigger.
- With BGP's peer-to-peer trust relationships, prefixes get hijacked,
rogue ASes collude with spammers.
So, despite the small number of players, it still doesnt work, and
people are working on adding stronger forms of verification of
announcements to to BGP.
And you want to try scale this to the millions and millions of SMTP
hosts? :)
> Alex
regards,
--
Paul Jakma paul@clubi.ie paul@jakma.org Key ID: 64A2FF6A
warning: do not ever send email to spam@dishone.st
Fortune:
"You shouldn't make my toaster angry."
-- Household security explained in "Johnny Quest"
