Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Lazy Engineers and Viable Excuses

  • From: Danny McPherson
  • Date: Mon Aug 25 22:01:22 2003


On Monday, August 25, 2003, at 07:32 PM, Jared Mauch wrote:

	You of course are correct with the trusting of the data, but
we are in a somewhat of a chicken and egg situation.  If people don't
trust the IRR, they don't filter on it, and then the data is
allowed to get out of date.  But people who maliciously add bogus
(or excessive route objects for example) are easy to track down.  This
is what the maintainer objects are for and why the IRR software keeps
logs of the messages (including headers) that are submitted.

I fully agree with the cart/horse chicken/egg analogy.

If SPs began employing IRRs more fully and more work
went into commercialization of IRR infrastructure and
tools (and perhaps some RIR feedback loop were created)
they'd improve.

Instead, folks are running about designing new protocols
far more complex than BGP already is, that *still* require
some "authority".  When in reality, 99% of the
vulnerabilities could have been solved with what was in
place 10 years ago.

Folks are striving for "perfect security", which is fine,
but they've ignored the reasons why we don't even have
"crappy" security.

-danny





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.