A new IETF working group has been proposed in the Routing Area. The IESG
has not made any determination as yet. The following draft charter was
submitted, and is provided for informational purposes only. Please send
your comments to the IESG mailing list (iesg@ietf.org) by February 15th.

+++

Secure Inter-Domain Routing (sidr)
===================================

Current Status: Proposed Working Group

Chair(s):
TBD

Routing Area Director(s):
Bill Fenner <fenner at research.att.com>
Alex Zinin <zinin at psg.com>

Routing Area Advisor:
TBD

Other Advisors:
Security: TBD
Routing: TBD

Mailing Lists:
General Discussion: sidr at ietf.org
To Subscribe: sidr-request at ietf.org
In Body: (un)subscribe
Archive: http://www.ietf.org/mail-archive/web/sidr/index.html

Description of Working Group:

One of the areas of vulnerability for large scale Internet environments
lies in the area of inter-domain routing. The basic security questions
that can be posed regarding routing information are whether the
originating Autonomous System is authorized to advertise an address
prefix by the holder of that prefix, whether the originating AS is
accurately identified by the originating Autonomous System Number in the
advertisement, and the validity of both the address prefix and the
Autonomous System Number. A related question concerns the level of trust
that can be ascribed to attributes of a route object in terms of their
authenticity, including consideration of the AS Path attribute.

The Routing Protocol Security Group (RPSEC) has been chartered to
document the security requirements for routing systems, and, in
particular, to produce a document on BGP security requirements.

The scope of work in the SIDR working group is to formulate an
extensible architecture for an interdomain routing security framework.
This framework must be capable of supporting incremental additions of
functional components.
As and when interdomain routing security requirements are completed
within the RPSEC Working Group, these requirements will be defined
within the SIDR framework as functional components of a secure
interdomain routing system.

The scope of work will include describing the use of certification
objects for supporting the distribution of authorization and
authentication information. Both hierarchic and distributed
non-hierarchic trust systems are intended to be supported within this
framework. The intended support of both forms of trust models is to
allow for the use of this framework for routing security in diverse
routing environments that have different underlying trust
characteristics.

The scope of work is limited to inter-domain router-to-router protocols
only, for both unicast and multicast systems.

The SIDR working group is charged with the following tasks:

- Document an extensible interdomain routing security architecture

- Document the use of certification objects within this secure routing
  architecture

- Document specific routing functionality modules within this
  architecture that are designed to address specific secure routing
  requirements as they are determined by the RPSEC Working Group

Goals and Milestones:

Aug-06  Submit initial draft on inter-domain routing security
        architecture
Sep-06  Submit initial draft on certificate objects to be used within
        this architecture
Sep-06  Submit initial draft on securing origination of routing
        information
Jan-07  Submit routing security architecture for publication as an
        Informational RFC
Mar-07  Submit description of use of certificate objects by this
        architecture as an Informational RFC
Apr-07  Submit secure origination mechanism as a Proposed Standard
May-07  Evaluate progress, recharter with new goals or shutdown.

_______________________________________________
IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce