I read this draft and tried to participate in shaping into something I as an operator believe useful in SIDR WG, but to no avail -- IMO because the protocol work, and then the requirements work, were largely completed already. I believe this approach will cause more harm than good and result in more instability than security, and it leaves some considerable holes with which I am actually concerned about related to inter-domain routing security (and autonomy) on the Internet. As such, myself and some other operators published this document, which has since been accepted and evolved as a WG document within the Global Routing Operations WG (GROW): http://tools.ietf.org/html/draft-ietf-grow-simple-leak-attack-bgpsec-no-help-02 I've given up on SIDR, I wish them well…. -danny On Sep 9, 2013, at 6:26 PM, The IESG <iesg-secretary@xxxxxxxx> wrote: > > The IESG has received a request from the Secure Inter-Domain Routing WG > (sidr) to consider the following document: > - 'Threat Model for BGP Path Security' > <draft-ietf-sidr-bgpsec-threats-06.txt> as Informational RFC > > The IESG plans to make a decision in the next few weeks, and solicits > final comments on this action. Please send substantive comments to the > ietf@xxxxxxxx mailing lists by 2013-09-23. Exceptionally, comments may be > sent to iesg@xxxxxxxx instead. In either case, please retain the > beginning of the Subject line to allow automated sorting. > > Abstract > > > This document describes a threat model for the context in which > (E)BGP path security mechanisms will be developed. The threat model > includes an analysis of the RPKI, and focuses on the ability of an AS > to verify the authenticity of the AS path info received in a BGP > update. We use the term PATHSEC to refer to any BGP path security > technology that makes use of the RPKI. PATHSEC will secure BGP > [RFC4271], consistent with the inter-AS security focus of the RPKI > [RFC6480]. > > The document characterizes classes of potential adversaries that are > considered to be threats, and examines classes of attacks that might > be launched against PATHSEC. It does not revisit attacks against > unprotected BGP, as that topic has already been addressed in > [RFC4271]. It concludes with brief discussion of residual > vulnerabilities. > > > > > The file can be obtained via > http://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-threats/ > > IESG discussion can be tracked via > http://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-threats/ballot/ > > > No IPR declarations have been submitted directly on this I-D. > > >
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail