Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Job Snijders <job@xxxxxxxxxxxxx>
Subject: Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
From: Randy Bush <randy@xxxxxxx>
Date: Sat, 02 Jul 2016 19:44:02 +0900
Cc: GMO Crops <grow@xxxxxxxx>, IETF Disgust List <ietf@xxxxxxxx>
In-reply-to: <20160702103723.GN744@22.rev.meerval.net>
References: <20160701111544.GL4253@22.rev.meerval.net> <57765693.4090407@foobar.org> <m2wpl5ee36.wl%randy@psg.com> <93821709-33a1-3320-e3f2-9ca8b67ecf23@bogus.com> <m2inwpdnk7.wl%randy@psg.com> <20160702103723.GN744@22.rev.meerval.net>
User-agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)

>> and you are kinda peotected by the community not being well-known,
>> i.e. different for each upstream. the attacker has to know the
>> community for each upstream and be able to not only inject the prefix
>> but also tag it with the correct community for each upstream.
> 
> Your argument comes down to "security through obscurity"

no.  non-transitiveness through local naming, the reason this has not
allowed serious damage in current practice.

randy

Follow-Ups:
- Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
  - From: heasley

References:
- Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
  - From: Job Snijders
- Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
  - From: Nick Hilliard
- Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
  - From: Randy Bush
- Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
  - From: joel jaeggli
- Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
  - From: Randy Bush
- Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
  - From: Job Snijders

Prev by Date: Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
Next by Date: Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
Previous by thread: Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
Next by thread: Re: [GROW] Last Call: <draft-ietf-grow-blackholing-00.txt> (BLACKHOLE BGP Community for Blackholing) to Proposed Standard
Index(es):
- Date
- Thread

[Index of Archives] [IETF Annoucements] [IETF] [IP Storage] [Yosemite News] [Linux SCTP] [Linux Newbies] [Fedora Users]