On Wed, 18 Sep 2002 sgorman1@gmu.edu wrote:
A little flavor of what I'd alluded to in some of the previous threads. Any guesses what the proposal to change both BGP and DNS to improve security might entail??
The official document should be posted on WhiteHouse.GOV later today. An almost final draft copy was leaked on the net yesterday. http://www.infowarrior.org/draftstrategy.pdf DNSSEC and S-BGP have been mentioned as possible solutions. Technically some of the proposals are very elegant. However, we have to be careful about introducing more complexity into the system than necessary. Over the last year we've seen several errors in the implementation several security protocols. I don't believe security people are any better programmers than application people. What I worry about more is we are developing extremely secure, and complex methods for protecting garbage. Garbage-In, Garbage-Out.