Clueless service restrictions (was RE: Anti-spam System Idea)
Paul Jakma
paul at clubi.ie
Thu Feb 19 06:51:04 UTC 2004
On Tue, 17 Feb 2004, Alex Bligh wrote:
> they in turn chose to trust. Take BGP (by which I mean eBGP) as the case in
> point: [...] The trust relationship is
> important, [...]. BGP allows me (in commonly deployed form) to run
> a relatively
> secure protocol between peers, and deploy (almost) universal end-to-end
> connectivity for IP packets in a manner that does not necessarily involve
> end users in needing to know anything about it bar "if the routing doesn't
> work, I move providers";
Right but:
- The world of BGP peers is a rarified one, there are, what, <20k
ASes out there? Nearly all are medium sized enterprises, institutions
or organisations or bigger.
- With BGP's peer-to-peer trust relationships, prefixes get hijacked,
rogue ASes collude with spammers.
So, despite the small number of players, it still doesnt work, and
people are working on adding stronger forms of verification of
announcements to to BGP.
And you want to try scale this to the millions and millions of SMTP
hosts? :)
> Alex
regards,
--
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
warning: do not ever send email to spam at dishone.st
Fortune:
"You shouldn't make my toaster angry."
-- Household security explained in "Johnny Quest"
More information about the NANOG
mailing list