Changing the way we talk about BCP38 [Was: Re: "Everyone should be deploying BCP 38! Wait, they are ...."]

Paul Ferguson fergdawgster at
Tue Feb 18 19:43:25 UTC 2014

Hash: SHA256


On 2/18/2014 11:22 AM, Jared Mauch wrote:
> On Feb 18, 2014, at 1:40 PM, Patrick W. Gilmore <patrick at>
> wrote:
>> Barry is a well respected security researcher. I'm surprised he
>> posted this.
>> In his defense, he did it over a year ago (June 11, 2012). Maybe
>> we should ask him about it. I'll do that now....
> I'm not surprised in any regard.  There are too many names for
> BCP-38, SAV, SSAC-004, BCP-84, Ingress Filtering, etc..

This is why I am now using the phrase "anti-spoofing" when talking
about this in public. It far less cryptic, and I am breaking into
bite-sized components that people can actually understand.

As engineers & technical people, we need to start using language
people can wrap their brains around easily.

Remember: We are living in the age of instant gratification and
Attention Deficit Disorder.  :-)

- - ferg

> There are many networks that perform this best practice either by
> "default" through NAT/firewalls or by explicit configuration of the
> devices.
> There are many networks that one will never be able to measure nor
> audit as well, but that doesn't mean we shouldn't continue to work
> on tracking back spoofed packets and reporting the attacks, and
> securing devices.
> - Jared

- -- 
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2

Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird -


More information about the NANOG mailing list