Toma,

You are raising interesting issues.

It will be interesting to hear from hardware engineers who are working at the routing equipment manufacturers.

Even though not any router is DPI, as you wrote, BGP routers have ACL functionality. To implement the ACL checks, the firmware inspects the IP packet in some way; an inspection is done on the IP packet in any BGP router that supports ACLs.

Respectfully,
Elad

From: Töma Gavrichenkov <ximaera@gmail.com>
Sent: Friday, May 1, 2020 12:58 AM
To: Elad Cohen <elad@netstyle.io>
Cc: members-discuss@ripe.net <members-discuss@ripe.net>
Subject: Re: [members-discuss] Technical solution to resolve Spoofed IP traffic, Spoofed amplification DDoS attacks, BGP&RIR hijacking, IoT botnet infections and Botnet C&Cs
 
Ah yes!!

On Thu, Apr 30, 2020 at 11:31 PM Elad Cohen <elad@netstyle.io> wrote:
> - The data field in an IP packet - will always
> be the same for an access attempt to an IoT
> device with default credentials - hence these
> kinds of "IP protocol data fingerprints" which
> are related to specific "IP protocol numbers"
> will be provided by ICANN backend
> infrastructure to each BGP router through
> the opened session with it.

Everywhere except for China and, possibly, North Korea, border routers
are *not* DPI devices.  Hence they don't have an *ability* to *look*
through the IP packet data, let alone apply any checksums or
fingerprints.

Otherwise, gosh, TCP with its checksums wouldn't have been necessary.

A DPI device costs I think 500 times more than a typical border
routing device in use in Europe.  (this is a rough estimation based on
the packet length, it might be slightly less or a couple orders of
magnitude more than that)

And yes. This solution requires a complete *hardware* update to all
the border routers.  I think that's a concept for a PhD topic in
economy (quite possibly also a Nobel prize) rather than for a
members-discuss thread.

P.S. I want to reiterate that those topics are relevant to
secdispatch@ietf.org.  Only after they are submitted as an I-D and
dispatched to a working group, AND the working group accepts the I-D
as a working group draft, they are on-topic in here.  Otherwise, they
are off-topic.  Thank you in advance for understanding.

--
Töma