[91042] in North American Network Operators' Group
backbone threats [Re: key change for TCP-MD5]
daemon@ATHENA.MIT.EDU (Pekka Savola)
Tue Jun 27 01:05:52 2006
Date: Tue, 27 Jun 2006 08:05:20 +0300 (EEST)
From: Pekka Savola <pekkas@netcore.fi>
To: nanog@merit.edu
In-Reply-To: <20060622012619.GZ703@overlord.e-gerbil.net>
Errors-To: owner-nanog@merit.edu
On Wed, 21 Jun 2006, Richard A Steenbergen wrote:
> There is a fine line between being dilligent about security, and wasting
> your time trying to solve problems that don't exist, which I think has
> been crossed in the discussion.
While TCP-MD5 could be useful in some cases (mainly in Internet
Exchanges), I mostly agree with RAS that the big picture isn't
necessarily clear.
Hence, this is my chance to plug my view of it:
http://www.ietf.org/internet-drafts/draft-savola-rtgwg-backbone-attacks-01.txt
It's a short document, less than 15 pages. Comments are welcome.
The goal of the document is to be able to better convey the real story
both between the operator-operator and operator-IETF interfaces :-)
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
