> route leaks, as we anecdotally know them, are an operational problem.
> imiho, they are not particularly a security problem. but that does not
> mean i think the ietf routing community should not be working on a
> solution, quite the opposite.

You're walking through the office and see someone picking papers up off your desk. Do you ask if they are properly signed in, and through which door they entered? Or do you ask what their intent is and whether or not they're authorized to be there (which is still intent)?

If you receive a route, you need to know more than who touched it to know if it's correct or not. You must know the intent so you can compare it to the reality you see in front of your face.

We've been walking around this problem of intent for years, trying to mask it out of the problem to be solved, because we somehow think it can't be solved. The latest attempt is to call it an operational problem and push it to GROW.

Three points:

1. The problem of intent was always going to come back and bite us where it hurts. This small incident just illustrates the scope of the problem.

2. Including signed "evil bits" doesn't solve anything in the long run, because they're still just "evil bits." Are you planning on having a new bit for every possible intent? And carry them all the way through the system although someone four hops away really doesn't care?

3. It's sweet that everyone is trying to push the problem onto GROW, but if you do that, expect GROW to take over your entire charter (or all the meaningful work in this space), because knowing intent is the only problem worth solving here.

Suggestions have been made before and rejected in this space, and more suggestions are available (if you take five minutes and poke around looking for them). However, it's always going to be difficult to get alternate options through a working group founded on the premise of standardizing on a specific solution, rather than solving a problem.

Don't ask for suggestions unless you really mean it. And if someone gives you one, listen, rather than throwing them out on their ear.

Russ

_______________________________________________
sidr mailing list
https://www.ietf.org/mailman/listinfo/sidr
