[AusNOG] Consensus from the IETF 88 Technical Plenary - Internet hardening
Dobbins, Roland
rdobbins at arbor.net
Fri Nov 8 14:20:29 EST 2013
On Nov 8, 2013, at 10:11 AM, Mark Newton <newton at atdot.dotat.org> wrote:
> I can't say I'm disappointed in this resolution. Should have happened a long time ago.
The problem with overencryption of this magnitude is that besides the additional overhead, it makes dealing with DDoS attacks and other security issues considerably more difficult in terms of detection, classification, traceback, and mitigation, not to mention broadening the attack surface and providing a non-insignficant impact amplification, due to crypto overhead.
On top of that, it's useless - the spooks and spies (not to mention the ODCs) simply bypass it all and get everything en clair from the endpoints themselves.
This is a bad move; a gross over-reaction that, if implemented (which I doubt it will be), will degrade the overall security posture of the Internet to a significant degree.
There are no technical solutions to social ills. If this comes to pass, we will all regret it.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
More information about the AusNOG
mailing list