In message <[EMAIL PROTECTED]> Ron Bonica writes: > > > > > > Now if this proposed wg can find a way for me to recognized spoofed > > packets when they enter my networks without cooperation from the source > > and intermediate networks, I'm all ears. > > > > Iljitsch, > > Would it be useful if upstream networks that validated source addresses > somehow signed* the packet? If they did that, when the packet enters > your network, you will know which packets come with an assurance of > source address validity from the upstream network. > > Ron > > * Don't read too much into the word "sign". We may not be talking about > cryptographic strong authentication of every packet.
Maybe you want to use the word "mark" rather than "sign". Curtis _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
