[mat-wg] [Fwd: Community suggestion for ATLAS spoof test]

> I know that you intend to limit the risk by restricting source
> addresses and of course by getting consent of the probe hosts. I am
> just afraid that even asking the question will make some hosts doubt
> that we will not harm their networks and their connectivity. We have
> to realise that not all the hosts will share our enthusiasm about new
> experiments and the more hosts we will need to find, the less of them
> will be as open minded as we are ourselves.

I agree that atlas seems like a perfect distributed system to test BCP38
compliance and help operators secure their networks by providing a
simple tool to do so.  I agree that getting agreement from individual
atlas hosts and being careful about the addresses chosen to spoof with
is the right model to consider.

Perhaps as a first step atlas hosts could be formally surveyed about
their willingness to allow spoofing tests from their networks.  If any
hosts have reservations along the lines of "not harming their networks
and their connectivity" then this should be addressed.  But at the
moment we don't really know what atlas hosts think about allowing
spoofing tests.  At the same time, Atlas seems like a great platform
that could make a substantial contribution to reducing the ability to
spoof and the harm that comes from it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: </ripe/mail/archives/mat-wg/attachments/20130516/55e79327/attachment.sig>