On 21/12/10 21:22, Roland Dobbins wrote:
> On Dec 22, 2010, at 3:17 AM, marcelo bagnulo braun wrote:
>
>> making the parts of the network taking the rogue announce for valid likely to
>> be higher, than in the case of the anycast, where there are several legitimate
>> origins.
>
> No, because *upon investigation*, it's generally considerably easier to
> determine which announcements are legitimate and which aren't for a given
> prefix which isn't anycasted vs. doing so for one which is anycasted.

Right, so basically what you are saying is that if there is a unicast
announcement that should come from a single origin, it is easier to
distinguish the rogue announcements than in the case of an anycast
announcement, where it can come from multiple origins?
If that is the case, I can see that.
Now that doesn't imply afaict that the surface of the attack will be
bigger, just that it is harder to identify.
Second, it is not obvious to me why having different origins for each
anycast location makes this situation any easier in the case of a
malicious attacker (who could potentially include a false origin in
its announcement).
Regards, marcelo
_______________________________________________
GROW mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/grow