> From: Patrick Frejborg <[email protected]>
> concern about having a mapping database for routing information
How does the mapping database differ, in terms of being a operational 'weak
point', from the DNS?
(Note that this is an architectural discussion, not an engineering one, so I
am assuming that at the future point in time we are talking about, both
systems have been well engineered, i.e. they have 'good' security: so that
DNSSEC will have been fully deployed, along with some similar-strength
mechanism for the mapping database. Here in the real world, it's not clear
which system will be well secured first; if good security is in the mapping
system from the start, it might actually be secured first.)
For the 'ordinary' user, I don't see much difference: if either is made
unworkable, most applications (web, email, etc) will not work.
For network professionals, there will be a subtle difference, in terms of the
tools available for fault analysis and repair if either system is breached:
if the DNS is breached, traffic which uses 'identifiers' can still be sent,
whereas if the mapping database is breached, only traffic which uses locators
can be sent.
Is that difference significant? Did I miss anything?
Noel
_______________________________________________
rrg mailing list
[email protected]
http://www.irtf.org/mailman/listinfo/rrg
