The IESG has received a request from the Secure Inter-Domain Routing WG (sidr) to consider the following document: - 'Threat Model for BGP Path Security' <draft-ietf-sidr-bgpsec-threats-06.txt> as Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2013-09-23. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document describes a threat model for the context in which (E)BGP path security mechanisms will be developed. The threat model includes an analysis of the RPKI, and focuses on the ability of an AS to verify the authenticity of the AS path info received in a BGP update. We use the term PATHSEC to refer to any BGP path security technology that makes use of the RPKI. PATHSEC will secure BGP [RFC4271], consistent with the inter-AS security focus of the RPKI [RFC6480]. The document characterizes classes of potential adversaries that are considered to be threats, and examines classes of attacks that might be launched against PATHSEC. It does not revisit attacks against unprotected BGP, as that topic has already been addressed in [RFC4271]. It concludes with brief discussion of residual vulnerabilities. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-threats/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-threats/ballot/ No IPR declarations have been submitted directly on this I-D.
