nanog mailing list archives

Re: Reverse DNS RFCs and Recommendations


From: Jimmy Hess <mysidia () gmail com>
Date: Fri, 1 Nov 2013 23:05:30 -0500

On Fri, Nov 1, 2013 at 9:19 PM, Alex Rubenstein <alex () corp nac net> wrote:

a typical example will be the guy who run the dslam and the guy who run the
bras belong to two different companies in market which mandate open access.
... which is very, very common.


It's also a troublesome situation for the ISP; it may be "open access" on
paper, but DSLAMs and BRASes break, and then the ISP is potentially at
the mercy of bureaucratic support walls and the DSLAM operator, who
would love to create as many weeks' delay in repair as possible and pay lip
service to getting issues addressed; for the end user to get frustrated,
blame the ISP, and switch service to their own.


But yeah.... sniffing/tapping can target the underlying link provider.

Or it can even involve agents tapping into copper wires with alligator
clips, unbeknownst to even the DSLAM operator.....


The trouble with end-to-end encryption as a solution is the
difficulty/impossibility of establishing IPsec SAs with arbitrary
hosts on the internet without manual pre-configuration of every pair of
hosts.


-- 
-JH

