At 3:03 PM +1100 2002/11/22, Robert Elz wrote:
| Your assumption that source address of a incoming packet is reachable isDo we have cryptographic evidence for this assumption? Or are we just assuming that since we received a packet from a particular IP address that this claimed source must actually be alive?
| improper.
The source is more likely reachable than some DNS server at some unknown
location - at least we know the source address is actually alive and connected
at the time.
I'm not saying that this is not a valid assumption. I'm saying that we should ask ourselves what happens when it is not valid.
Yeah, name-based security is pretty meaningless. Even if you resolve things backwards, then forwards then backwards again (or forwards, then backwards, then forwards again), and compare the final results with what you started off with, it's a guess at best. Only with a full and unbroken cryptographic chain of evidence going up all the way to the roots, can you have some confidence that the reverse is actually what it claims to be.Personally, I have lost essentially all faith in the usefulness of addr->name translations at all, and wouldn't mind simply saying "cannot be done" (in general of course, it might sometimes work, just don't depend upon it).
Still, I think we need to provide some sort of reverse mechanism.
--
Brad Knowles, <[EMAIL PROTECTED]>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
#----------------------------------------------------------------------
# To unsubscribe, send a message to <[EMAIL PROTECTED]>.
