Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: md5 for bgp tcp sessions

  • From: Todd Underwood
  • Date: Thu Jun 23 10:28:52 2005

marty,

On Thu, Jun 23, 2005 at 10:22:07AM -0400, Hannigan, Martin wrote:
> > rolling out magic code because your
> > vendor tells you to is a bad idea;  
> 
> That's mostly the result of the calamitous failure in vulnerability 
> release methodology, not Operator stupidity. 

totally agreed.  vendors c, j and several others should be *ashamed*
of the way that they handled and continue to handle this issue: they
have yet to admit that they raised a panic (in secret, with no facts,
so that they could not be refuted) over a basic fact of the way tcp
works, creating outages and instability to fix a non-problem.

operators in those circumstances had little choice but to roll out
"critical security fixes", but i think we all deserve an apology, an
explanation and a commitment to do better in the future.

t

-- 
_____________________________________________________________________
todd underwood
director of operations & security
renesys - interdomain intelligence
todd@renesys.com   www.renesys.com




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.