-----Original Message----- From: Steve Gibbard [mailto:scg@gibbard.org] Sent: Wednesday, January 12, 2005 5:35 PM To: Hannigan, Martin Cc: NANOG list Subject: RE: Proper authentication model

On Wed, 12 Jan 2005, Hannigan, Martin wrote:

[ snip ]

Obviously, if you are the local telco this isn't really out of band, but works well for others who aren't sharing the local telco's infrastructure.

Is it as secure as having your own diverse-path management network of private point to point circuits? Probably not, but with sufficient firewalling and encryption on the tunnels, it's good enough, and cheap enough that it's possible to talk ISP owners into paying for it.

I don't know if this specifically relates to any local telco, but there are some clear reasons on why to go through the excercise of having a true out-of-band network. I don't disagree that smaller ISP's may not neeed such a thing nor do I suggest that it offers a significant ROI to the smaller guys.