> Can we please not get into a debate about how well BCP38 is or is not > deployed, whether violations are remotely detectable, ...This is NOT the > working group for that.
The point is that LISP makes spoofing no worse even though many think that it could because there are more addreses in the packet to manipulate. This aspect is on topic. > For our purposes, given that source address forging is known to occur, we > have to allow it in the threat analysis. I agree. Dino > > Yours, > Joel > > On 5/27/14, 11:04 AM, Dino Farinacci wrote: >> >>> Also, recall that large BCP38 holes exist in today's internet. >> >> And I am going to repeat again, this is not a binary statement. That is, if >> a BCP38 hole exists in one part of the network, source spoofing can still be >> detected in other parts of the network. >> >> Dino >> >> _______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
