[EMAIL PROTECTED] wrote on 09/27/2006 12:01:00 PM: > On 27-sep-2006, at 17:27, Ron Bonica wrote: > > > Would it be useful if upstream networks that validated source > > addresses > > somehow signed* the packet? If they did that, when the packet enters > > your network, you will know which packets come with an assurance of > > source address validity from the upstream network. > > Assuming the obvious difficulties with such an approach can be worked > out: sure. But I'm afraid we'll again see that a significant number > of people won't implement these measures. > > Something along the same lines: let me communicate back to a router > in the source AS my permission to receive packets. People who send > too much traffic to destinations that don't give permission are > blocked or throttled.
Cooperation from source or intermediate AS itself is not a problem, the issue is how much cooperation is needed. For signing the packet, periodic re-establishing secret keys (assuming keyed hash functions are used) is needed. The period can be several weeks or months, depending on how paranoid ISPs feel. For sending back feedback, it sounds like happening all the time (a dest AS can see increased traffic from somewhere any time), need more tightly coupled control loop (dest AS is changing the behavior of source AS. how to secure that?), and require secret keys for authentication as well (otherwise this feedback control itself can be spoofed). So signing seems to me doesnt require too much cooperation. It may also be used as incentive: if a source AS dont sign, during emergence a dest AS may drop traffic from it with high probability. Fan _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
