Are we really this helpless? (Re: isprime DOS in progress)
fergdawgster at gmail.com
Sun Jan 25 02:13:14 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, Jan 24, 2009 at 6:05 PM, Mark Andrews <Mark_Andrews at isc.org> wrote:
>> BCP 38 isn't a license, it's a technique.
> There are plenty of cases in common law where as a owner
> of something and you havn't taken reasonable steps to protect
> or prevent injury that, were well known, you will be proved
> to be negligent.
> BCP 38 is falling into that sort of category.
> Every operator here should be worried about what will happen
> when someone decides to sue them to recover damaged caused
> by spoofed traffic. It's just a matter of time before this
> happens. Remember every router inspects packets to the
> level required to implement BCP 38. This is not deep packet
> inspection. This is address inspection which every router
> Did you know about "BCP 38"?
> What steps did you take to implement "BCP 38"?
> I suspect that a lawyer will be able to demonstrate to a
> judge that even as a common carrier that a operator should
> have been deploying BCP 38.
I think each point above is true -- BCP38 is indeed a technique, but
failure to universally implement it defaults to (almost) a tragedy of the
After ~10 years, it is surreal to me that we, as a community, are still
grappling with issues where it could be beneficial for the Internet
community at-large. I mean, it _is_ a BCP.
- - ferg
p.s. Even when Dan Senie and I drafted RFC2827/BCP38, we were doing nothing
more than documenting what everyone (well, maybe not everyone) already knew
anyway -- that we all need to bite the bullet and just do it.
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)
-----END PGP SIGNATURE-----
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the NANOG