Leo, On Mon, Oct 3, 2011 at 7:34 PM, Leo Bicknell <bickn...@ufp.org> wrote: > The only way to make sure a route was correct, everywhere, would > be to have 39,000+ probes, one on every ASN, and check the path to > the root server. Even if you had that, how do you define when any > of the changes in 1-4 are legitimate? You could DNSSEC verify to > rule out #1, but #2-4 are local decisions made by the ASN (or one > of its upstreams). > > I suppose, if someone had all 39,000+ probes, we could attempt to > write algorythms that determined if too much "change" was happening > at once; but I'm reminded of events like the earthquake that took > out many asian cables a few years back. There's a very real danger > in such a system shutting down a large number of nodes during such > an event due to the magnitude of changes which I'd suggest is the > exact opposite of what the Internet needs to have happen in that > event.
This sounds an awfully lot like the notary concept: - http://perspectives-project.org/ - http://convergence.io/ Furthermore, changing network paths used to reach information probably should not be reason to shut down a service, in general. More interesting than which path is used, I suppose, is whether or not the data being returned has been changed in some unexpected/undesired way. Regards, Martin
