-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Ken Calvert wrote: >> The reality is, of course, that customers do not care about paths. They >> care about loss, end-to-end bandwidth and latency. So they actually pay >> money to ISPs to make routing decisions for them. This is called >> "division of labour". > >The conflation of routing and forwarding in IP constrains the customer-provider relationship to the first hop, so the customer is stuck with whatever choice the ISP makes for all paths, no matter what. And the fact that identity is entangled with location keeps the cost of "voting with one's wallet" artificially high. > >Allowing source routing at the level of transit providers shifts the balance of power back toward the user. (See Xiaowei Yang's thesis.) > >And it's not that millions of users want to specify the path their packets follow. It's really about the interesting possibilities that cannot even be contemplated because of the lack of such a mechanism (and others needed to make it feasible). > Okay -- I'll bite. So, if source-routing is a "desired" option, how can I ensure that the "source" is valid? In other words, if it is used for malicious purposes, how can I trace it back to it's "real" source? This is a major issue for me, from a security perspective. - - ferg (co-author of RFC2827/BCP38) -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.1 (Build 1012) wj8DBQFGSohdq1pz9mNUZTMRAlx8AJwP6QD5GqCmgSqDd+XU60Gm4D8wOwCgz7uW 7CkwkZtfkOW2vUyeizkdX/Y= =iWyO -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/