From: OPSEC <[email protected]> on behalf of John Scudder <[email protected]> Sent: 11 June 2020 16:51
I think it was a question from me to Ron that kicked off his question to Opsec. For my question, no, it doesn’t help — what I was looking for was a citable RFC that said the equivalent of “thou shalt filter thy infrastructure addresses”. Because everyone knows you should do this, but apparently nobody has bothered to say so in a standard; this creates awkwardness when writing Security Considerations sections. I see Ron said “document” and your reply does indeed fill the bill. To fix my problem I’d really need an IETF (or equivalent body, I suppose) standard or BCP, though, IMO. <tp> John The reference I use is BCP84 and BCP38; the former seems to come close, Tom Petch Thanks, —John On Jun 11, 2020, at 11:16 AM, Melchior Aelmans <[email protected]> wrote: Hi Ron! Does this help? https://www.juniper.net/documentation/en_US/day-one-books/DO_BGP_SecureRouting2.0.pdf Cheers, Melchior On Wed, May 27, 2020 at 11:21 PM Ron Bonica <[email protected]<mailto:[email protected]>> wrote: Folks, Does anybody know of a document that provides general recommendations for ACL’s to be implemented on service provider edge nodes? Ron Juniper Business Use Only _______________________________________________ OPSEC mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/opsec<https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/opsec__;!!NEt6yMaO-gk!UPSCEqGPw30dB1eBx48HvNXmnDLaXxL3w6ZLfU2gqOJ8n1LRT5GKqCEyBn6eEA$> _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
