Scott Weeks surfer at
Thu Jan 16 23:45:59 UTC 2014

--- marka at wrote:
In message <52D7E98B.4040801 at>, Pierre Lamy writes:
> BCP38 will only ever get implemented if governments and ruling 'net 
> bodies force deployment. There's otherwise very little benefit seen by 
> the access network providers, since the targets are other orgs and the 
> attacks are happening in a different backyard.

Except the targets are *everybody* including the access networks.
This really is "if you are not part of the solution, you are part
of the problem" and applies 100% to access networks.

And it doesn't require governments, it just requires CEO's with the
gumption to say we are not going to accept routes from you, via
transit or direct, until you publically state that you are implementing
BCP38 within your network and then follow through.

Many/most CEOs would not have an understanding of what a BCP is and
their first response likely would be to ask, "What's the business

Government regulation is also not the answer.  They can't all agree
on basic crap, much less on some esoteric (in their opinion) netgeekery


More information about the NANOG mailing list