BGP is not a secure protocol.
We may work out a way to make BGP somewhat more secure, but most likely to defend against attacks such as flooding and DDoS rather than impersonation of end entities.
So why do you think it is appropriate for end user applications to make assumptions about end entity identity on the basis of source IP address?
If you take a look at DKIM you will see that the approach there is to independently authenticate the hops.
From: Iljitsch van Beijnum [mailto:iljitsch@xxxxxxxxx]
Sent: Fri 11/14/2008 3:57 AM
To: Hallam-Baker, Phillip
Cc: Keith Moore; Behave WG; IETF Discussion; Routing Research Group Mailing List; Eric Klein; Mark Townsley
Subject: Re: [BEHAVE] Can we have on NAT66 discussion?
Sent: Fri 11/14/2008 3:57 AM
To: Hallam-Baker, Phillip
Cc: Keith Moore; Behave WG; IETF Discussion; Routing Research Group Mailing List; Eric Klein; Mark Townsley
Subject: Re: [BEHAVE] Can we have on NAT66 discussion?
On 13 nov 2008, at 23:50, Hallam-Baker, Phillip wrote:
> The most successful Internet protocols do not involve connections to
> hosts today. SMTP is a connection to a service and has been for two
> decades.
> In SMTP the IP address does not remain constant end to end and never
> did.
SMTP is also the least secure protocol that is in wide use; hop-by-hop
forwarding without authentication of the message itself is a security
nightmare. We have the same issue with flooding of random IP packets.
_______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf