North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet
- From: Dave Crocker
- Date: Thu Jan 13 11:19:42 2005
On Wed, 12 Jan 2005 17:41:33 -0500, Valdis.Kletnieks@vt.edu wrote:
> The X.400 concepts of ADMD= and PRMD= really caught on, didn't they? ;)
> Peering in a world of 64K ASNs, mostly basically static, is a lot different
> than peering in a world of 40 million plus .COMs, many in motion. Most of
> the time, we're lucky if the MX record points to the right place....
Funny this should come up now...
I've been working on a document to describe current Internet Mail architecture and it has taken an unexpected turn. In fact I am trying to add a section that deals with different Operators, as distinct from different functional modules. The reason is primarily because the inter-Operator boundaries define where trust relationships need to be decided and enforced. (The recent papers and discussions about "tussle" boundaries captures this issue really well.)
As with so many problems with x.400, it is not that it was wrong to pay attention to one or another issue. The problem was that x.400 mixed everything together into a single, homogeneous and gargantuan pot, therefore requiring adopters to deal with an ungainly mass of specification and code, all at once. You really could not do adoption in incremental steps. Oh, and this all-or-nothing barrier hit the standards guys, too, since some required components did not show up for a long time.
The x.400 admd/prmd was, in fact, an addressing construct, rather than merely being an operational and routing construct. Hence, an x.400 address was more like a source route. Arpanet/Internet experience has shown pretty serious scaling problems with visible source routing, uucp experience notwithstanding.
The issue we are facing in the current discussion is operations, not addressing. So, for example, the fact of having a variety of operators does not show up in the address, any more than it does in an IP address. Rather, it shows up in routing and trust issues, just as it does with IP.
Although lots of operational variety is possible and does occur, perhaps the most common operational scenarios are covered by:
origin => [provider =>] [provider =>] destination
And the equivalent to AS-AS trust assessment is not all of the domains in the world, but rather domains that involve MTA-MTA exchanges across operator boundaries.
I believe the scale of this requirement is exactly the same as the AS-AS requirement.
In fact, this is exactly the problem that CSV attends to.
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net