> A more general approach would be to create a mechanism that > allows recognizing packets that belong to approved sessions. > This can be because the session is towards an approved > correspondent, which is easy to determine with a return > routability check, or it can be after higher-layer > authentication/authorization.
Isn't that done with AAA and vendor specific 'session control' implementation of BCP38 today? I still do not see anything new. All I see in this public and private discussion is a gross misunderstanding of BCP38 as a policy and the breath of work in the industry done to enforce that policy. The only thing I see a WG doing is to list the BCP38 enforcement mechanisms - which then goes down the path of vendor advertisement. _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
