[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: draft-ietf-opsec-infrastructure-security-01 - InfrastructureHiding

To: "Fergie" <fergdawg@netzero.net>, <pekkas@netcore.fi>
Subject: RE: draft-ietf-opsec-infrastructure-security-01 - InfrastructureHiding
From: "Barry Greene \(bgreene\)" <bgreene@cisco.com>
Date: Fri, 4 May 2007 09:29:49 -0700
Cc: <Donald.Smith@qwest.com>, <trall@almaden.ibm.com>, <opsec@ops.ietf.org>
In-reply-to: <20070503.234045.839.1252123@webmail33.lax.untd.com>
References: <20070503.234045.839.1252123@webmail33.lax.untd.com>

 
> Speaking of BCP38, I do hope you all saw this:
> 
>  
> http://www.ripe.net/ripe/maillists/archives/spoofing-tf/2007/m
> sg00000.html

Speaking of BCP38++, read through the document. You can see the reasons
why "source checks" on the ingress of a SP's network need to go beyond
the IP address. DSCP and MAC are both known checks.

References:
- RE: draft-ietf-opsec-infrastructure-security-01 - InfrastructureHiding
  - From: "Fergie" <fergdawg@netzero.net>

Prev by Date: RE: draft-ietf-opsec-infrastructure-security-01 - InfrastructureHiding
Next by Date: RE: draft-ietf-opsec-infrastructure-security-01 - InfrastructureHiding
Previous by thread: RE: draft-ietf-opsec-infrastructure-security-01 - InfrastructureHiding
Next by thread: RE: draft-ietf-opsec-infrastructure-security-01 - InfrastructureHiding
Index(es):
- Date
- Thread