Florian Weimer wrote: >> The problem is amplification. > > No, the actual problem is source address spoofing.
in that having only amplification and not spoofing would mean there would be no problem, this is true. in that having only spoofing and not amplification would mean there would be a smaller problem, it's less true. in other words, a world without amplification would be almost as good as a world without spoofing. moreover, a world with only attenuation would be as good as a world without spoofing, because the victim would be hit directly rather than through attenuators. >> It can only be mitigated. > > The spoofing problem could be mitigated if we actually wanted to, and > were willing to punish those who try to send their pollution to the > rest of the network. no. there is no "we" in this context. the lack of an adequate set of shunners is no more notable than a lack of an adequate set of informed voters or any other adequate set of things that can by definition only be imagined, never real. > We just need to admit that self-regulation by the industry has failed > to address this matter adequately. and having so admitted, what will we do next or do differently? industry self regulation does not prevent shepherds from grazing their flocks in the village commons. for that class of problem, the solution throughout human history has been law. the internet is extra-legal because it is extra-national. we know all this, and we've known it for decades. what can be done in light of all this we know? paul
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
