Lazy Engineers and Viable Excuses

• Previous message (by thread): Lazy Engineers and Viable Excuses
• Next message (by thread): Lazy Engineers and Viable Excuses
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Monday, August 25, 2003, at 07:32 PM, Jared Mauch wrote:

> 	You of course are correct with the trusting of the data, but
> we are in a somewhat of a chicken and egg situation.  If people don't
> trust the IRR, they don't filter on it, and then the data is
> allowed to get out of date.  But people who maliciously add bogus
> (or excessive route objects for example) are easy to track down.  This
> is what the maintainer objects are for and why the IRR software keeps
> logs of the messages (including headers) that are submitted.


I fully agree with the cart/horse chicken/egg analogy.

If SPs began employing IRRs more fully and more work
went into commercialization of IRR infrastructure and
tools (and perhaps some RIR feedback loop were created)
they'd improve.

Instead, folks are running about designing new protocols
far more complex than BGP already is, that *still* require
some "authority".  When in reality, 99% of the
vulnerabilities could have been solved with what was in
place 10 years ago.

Folks are striving for "perfect security", which is fine,
but they've ignored the reasons why we don't even have
"crappy" security.

-danny

• Previous message (by thread): Lazy Engineers and Viable Excuses
• Next message (by thread): Lazy Engineers and Viable Excuses
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]