North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Clueless service restrictions (was RE: Anti-spam System Idea)

  • From: Paul Jakma
  • Date: Thu Feb 19 01:57:21 2004

On Tue, 17 Feb 2004, Alex Bligh wrote:

> they in turn chose to trust. Take BGP (by which I mean eBGP) as the case in
> point: [...] The trust relationship is
> important, [...]. BGP allows me (in commonly deployed form) to run 
> a relatively
> secure protocol between peers, and deploy (almost) universal end-to-end
> connectivity for IP packets in a manner that does not necessarily involve
> end users in needing to know anything about it bar "if the routing doesn't
> work, I move providers"; 

Right but:

- The world of BGP peers is a rarified one, there are, what, <20k 
ASes out there? Nearly all are medium sized enterprises, institutions 
or organisations or bigger.

- With BGP's peer-to-peer trust relationships, prefixes get hijacked,
rogue ASes collude with spammers.

So, despite the small number of players, it still doesnt work, and 
people are working on adding stronger forms of verification of 
announcements to to BGP.

And you want to try scale this to the millions and millions of SMTP
hosts? :)

> Alex

Paul Jakma	[email protected]	[email protected]	Key ID: 64A2FF6A
	warning: do not ever send email to [email protected]
"You shouldn't make my toaster angry."
-- Household security explained in "Johnny Quest"