nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Clueless service restrictions (was RE: Anti-spam System Idea)

From: Paul Jakma <paul () clubi ie>
Date: Thu, 19 Feb 2004 06:51:04 +0000 (GMT)

On Tue, 17 Feb 2004, Alex Bligh wrote:


they in turn chose to trust. Take BGP (by which I mean eBGP) as the case in
point: [...] The trust relationship is
important, [...]. BGP allows me (in commonly deployed form) to run 
a relatively
secure protocol between peers, and deploy (almost) universal end-to-end
connectivity for IP packets in a manner that does not necessarily involve
end users in needing to know anything about it bar "if the routing doesn't
work, I move providers"; 


Right but:

- The world of BGP peers is a rarified one, there are, what, <20k 
ASes out there? Nearly all are medium sized enterprises, institutions 
or organisations or bigger.

- With BGP's peer-to-peer trust relationships, prefixes get hijacked,
rogue ASes collude with spammers.

So, despite the small number of players, it still doesnt work, and 
people are working on adding stronger forms of verification of 
announcements to to BGP.

And you want to try scale this to the millions and millions of SMTP
hosts? :)


Alex


regards,
-- 
Paul Jakma      paul () clubi ie        paul () jakma org       Key ID: 64A2FF6A
        warning: do not ever send email to spam () dishone st
Fortune:
"You shouldn't make my toaster angry."
-- Household security explained in "Johnny Quest"
Previous By Date Next
Previous By Thread Next

Current thread: