On Mar 28, 2012, at 12:03 PM, Leo Bicknell wrote:
Tier 1 T640 core network with 10GE handoff Regional Cisco GSR network with 1GE handoff Local 1006 to Arris CMTS Subscriber Motorola Cable Modem to NetGear SOHO Gateway User Patron with Airport Express sharing a wired connection to WiFi ... If you were going to write it into law/regulation, where would you require it?
Seems to me that from a legislator's perspective, there is a pretty bright (as in "moth attracted to flame") line between "subscriber" and "provider".
Maybe all of them should, but can they from a technologial perspective?
Implementing telephone number portability was probably technologically more challenging for the telcos to deal with but that didn't stop the legislators from requiring it.
I think given the thorny set of issues that taking a step back and saying, "rather than a perfect solution, what gets us most of the way there the cheapest, and quick" is a good question to ask.
You don't think that question has already been asked? It has been a dozen years since BCP38 was published. Over that period, the Internet has grown immensely and with it, the threats the ability to trivially spoofing source addresses represents. As far as I can tell, there has been little to no improvement in mechanisms to reduce those threats, yet high profile attacks against governments, departments/ministries, commercial organizations, etc., have only increased. I figure at some point (likely after a particularly high-profile attack), politicians and their corporate masters are going to feel the need to be seen to "do something about the problem." I have some skepticism that 'something' is going to be an ideal solution.
The perfect is the enemy of the good in this case. Solving this at the consumer CPE level would remove 90-95% of the problem at zero hardware cost, a very small software cost, and a very small support cost and probably make us stop talking about this issue all together.
And the incentive for CPE manufacturers to invest in the small software cost is? Regards, -drc