[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Next question...
Tony Li wrote:
Assuming that the request is authenticated, what's the real issue?
Yes, the host cannot know that it is impossible to satisfy the
request, but all this is is a hint to try another alternative.
I DDOS attack the far end. The local end then sends an authenticated
hint to the routing system. In fact, if I DDOS a popular host, I can
get a lot of local ends to provide "hints" and thus indirectly DDOS the
routing system. And then suppose the routing system believes the hint.
Now I can stop my DDOS on the host and go hide.
OTOH, if a host wants to provide either quality or reachability
information about itself, I'm okay with that so long as it's
authenticated and we can find a way to sanely aggregate the information.