"general badness" AS-based reputation system
serrano.miser at gmail.com
Wed Sep 28 09:32:56 UTC 2011
On Sep 26, 2011, at 02:23 , Manish Karir wrote:
> We tried to outline some of the challenges of building such a system in our NANOG52 presentation:
> In particular see slide 4. where we tried to lay down what we think the requirements are for a socially acceptable
> reputation system.
> With a bit of luck we might be able to announce the release of our system before the next NANOG mtg, but in
> my opinion collating host reputation reports is just a small and the easiest part of the effort. The key is in
> solving the challenges of allowing (and incentivizing) participation and being robust to false information
As mentioned by Gadi, the maintenance of such tools is not often easy, in particular since some datasources may disappear or become obsolete over time. For example, to have a global view of the BGP landscape the best service I know is RIS from RIPE, but there aren't many alternatives. Although this problem may be reduced through an increase of the total number of datasources, it is something to be considered. Also, since historical data is considered, the fact that some datasources may disappear over time can affect the ranking value.
Most importantly, this type of approach is dependent on the level of commitment the network community has, which may be mined by not enough incentives (the problem mentioned in slide 3). Namely (as stated before) the problem of certain customers not being able to reach critical systems "just" because that ASN was considered evil, is a strong incentive *not* to adhere to the system. This is IMHO THE biggest Problem. Also, if you are a transit AS do you think this to be a viable approach?
Although I think this philosophy has strong arguments to move forward, it also has many challenges that must be dealt with and the biggest ones are not technical (what a surprise…).
Thanks for your valuable contribution.
More information about the NANOG