|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: SYN flood messages flooding my mailbox
In message <[email protected]>, Paul Ferguson write s: > At 04:15 PM 9/17/96 -0400, Curtis Villamizar wrote: > > > > > >Of course, if by "known route" you mean known because it is in the > >IRR, and the IRR is known to be reliable, then I accept your argument > >but caution that the IRR is not always reliable, but this is yet > >another reason to make it more reliable. > > > > Curtis, > > This is also a valid argument for *not* relying on the IRR for security > issues. > > - paul I agree with you on this point but I don't think the security issues with the IRR are unsolvable. Making sure hierarchical authorization changes are deployed at all registries and enabling the PGP authentication would certainly help. Hierarchical authorization would require that registries recognize IANA as the numbering authority and install top level objects based on IANA top level delegations. This would require a strong tie between numbering allocations and routing registry. Right now any bozo can come along and claim a quarter or half the number space. Curtis - - - - - - - - - - - - - - - - -
|