On 30/Aug/11 04:50, Michel Py wrote:
> The mechanism (ICMP redirects) is technically fine and socially not.
> People have become paranoid and now they firewall everything. It is a
> behavioral animal. I'm not saying it's a good idea; the market answer to
> crossing firewalls is to encapsulate everything into HTTPS, which is
> probably worse. But then again, we have to deal with market pressure
> against technically sound solutions, and the market almost always wins.

That brings us back to the problem that "free routing" is apparently
insecure.  OTOH, there are large expectations from RIRs and network
providers, about security and policy routing, especially on port 25.
On closer inspection, though, those chaps don't seem to be eager to
play net-cops.

Should we go for secure routing, now that we have secure DNS?

Ietf mailing list

Reply via email to