On Thu, Apr 16, 2015 at 6:58 AM, David Hofstee <david@mailplus.nl> wrote:
Hi,
I saw the following and thought it would be interesting to share. In case of a persistent DDoS an ASy can fallback to a small set of (more trustable) AS'es for their routing: http://www.trustednetworksinitiative.nl/
They have a policy with procedural and technical parts, which may be upgraded later, for parties who want to participate: https://www.thehaguesecuritydelta.com/images/20141124_Trusted_Networks_Polic...
Without having an opinion if everybody in the world should join this (I don't know the desired scope of this group), but the idea is interesting. I had not seen something like it before.
so...: "The principles of the solutions are simple: each participating network at its sole discretion can step to ‘trusted internet only’ if an emergency situation requires to temporary disconnect from the global internet." you're asking your ISP or set of ISPs to 'stop forwarding me packets from X and Y and Z' sure, why do we need a new special group and designation for that? can't you just no-export your routes to your provider today? (or other similar options). this seems ... shortsighted at best and incredibly dumb at worst.