RFC 7132 on Threat Model for BGP Path Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A new Request for Comments is now available in online RFC libraries.

        
        RFC 7132

        Title:      Threat Model for BGP Path 
                    Security 
        Author:     S. Kent, A. Chi
        Status:     Informational
        Stream:     IETF
        Date:       February 2014
        Mailbox:    kent@bbn.com, 
                    achi@cs.unc.edu
        Pages:      20
        Characters: 52539
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-sidr-bgpsec-threats-09.txt

        URL:        http://www.rfc-editor.org/rfc/rfc7132.txt

This document describes a threat model for the context in which
External Border Gateway Protocol (EBGP) path security mechanisms will
be developed.  The threat model includes an analysis of the Resource
Public Key Infrastructure (RPKI) and focuses on the ability of an
Autonomous System (AS) to verify the authenticity of the AS path info
received in a BGP update.  We use the term "PATHSEC" to refer to any
BGP path security technology that makes use of the RPKI.  PATHSEC
will secure BGP, consistent with the inter-AS security focus of the
RPKI.

The document characterizes classes of potential adversaries that are
considered to be threats and examines classes of attacks that might
be launched against PATHSEC.  It does not revisit attacks against
unprotected BGP, as that topic has already been addressed in the
BGP-4 standard.  It concludes with a brief discussion of residual
vulnerabilities.

This document is a product of the Secure Inter-Domain Routing Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  http://www.ietf.org/mailman/listinfo/ietf-announce
  http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/search
For downloading RFCs, see http://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux