Hallam-Baker, Phillip wrote: > BGP is not a secure protocol. > > We may work out a way to make BGP somewhat more secure, but most likely > to defend against attacks such as flooding and DDoS rather than > impersonation of end entities. > > So why do you think it is appropriate for end user applications to make > assumptions about end entity identity on the basis of source IP address? I don't. But the mapping service still need to be secure to thwart DoS attacks. (and it's a lot easier to get away with DoS attacks if you can make them surgical - i.e. if you can make them apply only to a very limited target without effecting anyone else) Keith _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf