Re: network controls are necessary
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Christian" == Christian Huitema <email@example.com> writes:

Christian> I am much more optimistic than Joel about the possibilities of hosts.
Christian> The average PC has as much CPU and memory as the average router, if not

As am I.

Christian> Clearly, there is an issue with the smallest appliances, which can at
Christian> best be expected to perform random choices. In most cases, it does not

1) *Today's* smallest appliances rival the high end desktop systems of less than a
2) if the defaults work okay, except during network failures, it might not matter
if my gas meter is a bit unresponsive.

Christian> There is also an issue with policy enforcement. However, we already have
Christian> mechanisms to inform the hosts: router advertisements can carry
Christian> preferences for this or that prefix or router; ICMP can inform the hosts
Christian> that their choices are not acceptable. In fact, ICMP can also be used
Christian> from the site exit router(s) to suggest alternatives on a case by case

Router advertisements I will trust. Not because they are unspoofable, but
because we have to secure them anyway (SEND issue).

I would love to be able to secure ICMPs from the site exit routers. I am
skeptical that we will be able to do that. I expect my link-local routers to
be able to develop a trust relationship with the site exit routers much
easier than an end-system can.

Yes, as Bill says, we have to have strong indications of cacheability.

] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] firstname.lastname@example.org http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
-----END PGP SIGNATURE-----