In message <52D7E98B.4040801@userid.org>, Pierre Lamy writes:
BCP38 will only ever get implemented if governments and ruling 'net bodies force deployment. There's otherwise very little benefit seen by the access network providers, since the targets are other orgs and the attacks are happening in a different backyard.
Except the targets are *everybody* including the access networks. This really is "if you are not part of the solution, you are part of the problem" and applies 100% to access networks. And it doesn't require governments, it just requires CEO's with the gumption to say we are not going to accept routes from you, via transit or direct, until you publically state that you are implementing BCP38 within your network and then follow through. If you implement BCP the publish the fact on you sites. This lets others know they are not alone in the fight to make the net a better place. e.g. "We implement BCP 38 on XX% of customer links" "We implement BCP 38 on all of our single homed customers" "We implement BCP 38 on all our data centers traffic" "We implement BCP 38 on all our NOC traffic" "We implement BCP 38 on all our outgoing traffic" "We implement BCP 38 on all our traffic" Machines get owned everywhere including data centers and NOCs. BCP 38 filters should be everywhere. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org