While working groups can do all sorts of things, the expected results of
this work would be new or extended mechanisms for routers to tell
other routers what address prefixes they will be using as source address
for packets they will be forwarding. These are not the individual
addresses of users. And, conversely, this is exactly the information one
needs to perform source address spoof prevention. (Whether the
proposed / expected mechanisms will actually provide improved
information is part of what has to be determined.)

Further, we have specified that the problem and requirements will be
spelled out before any solutions are examined by the working group. So
we can confirm that there is indeed a problem to solve.

This is not "extend SAVI individual host registrations into ISPs." I
have no problem including privacy in the analysis. But I am much less
concerned than I was (and yes Stephen, I did take your concerns
seriously) when we did the SAVI work.

Yours,
Joel

On 6/3/2022 4:25 PM, Adrian Farrel wrote:

Hey Alvaro and Stephen,

I oppose the creation of this working group on the basis
that it makes no mention of privacy. Extending the kind
of privacy-unfriendly source address validation mechanisms
(unwisely IMO) used, to something deployed at Internet-scale,
could be a major error.

The WG won't be chartered to extend existing mechanisms.
If there's text that gives that impression we should fix it.

Weeeell, I read...

| The "Source Address Validation in Intra-domain and Inter-domain Networks
| (SAVNET)" working group will define routing protocol-independent architectures
| and procedures to accurately determine the valid incoming router interfaces
| for specific source prefixes. The accuracy of the enhancements is expected
| to improve upon current SAV mechanisms.

...to mean that procedures and enhancements would be defined.

Actually, I interpreted the whole charter as "examine existing approaches and develop new techniques" and read it in that light. Maybe the charter could be clearer up front that no new mechanisms or extensions to existing mechanisms will be defined.

What am I missing?

Cheers,
Adrian