Re: [GROW] WGLC: draft-ietf-grow-simple-leak-attack-bgpsec-no-help

"George, Wes" <wesley.george@twcable.com> Mon, 12 May 2014 21:42 UTC

From: "George, Wes" <wesley.george@twcable.com>
To: Christopher Morrow <christopher.morrow@gmail.com>, "grow-chairs@ietf.org" <grow-chairs@ietf.org>, "grow@ietf.org grow@ietf.org" <grow@ietf.org>
Date: Mon, 12 May 2014 17:42:13 -0400
Archived-At: http://mailarchive.ietf.org/arch/msg/grow/BEeEs7ADxwouiJiIM6mh8veyAYE

I see a thread dated 2013 Nov in GROW, in which substantive discussion and
comments were provided after -03 was published, in which the authors
mainly just expressed why they were frustrated with SIDR and the IETF in
general for, in their minds, ignoring this problem because it was hard,
rather than addressing the concerns raised within the WG. -04 is a
keepalive to reset the expiration date with no substantive updates. Why
are we now talking about WGLC?
Chris, you were one of the ones who said that your comments hadn’t been
addressed yet.
(https://mailarchive.ietf.org/arch/msg/grow/0ho_RU3e15TCvp4p8ScCeObk42Y)

Substantive comments:
This document provides one example of a route leak causing a problem that
BGPSec does not protect against, but still does not do much to provide
guidance on how such a leak would be systematically identified. It does
note that there are data supporting the assertion that this is a real
problem, and imply that perhaps additional analysis of that data would
reveal more information. I don’t think that anyone would dispute that this
is a valid attack. However:
        "This document is meant to provide input into routing protocol design
        choices being considered within the IETF, and to foster discussion of
        the practical implications of "policy" and "intent" in operational
        routing system security."

This document provides no actionable guidance beyond articulating the
basics of the attack, certainly no meaningful discussion of policy vs
intent other than to note that discerning intent is difficult, and as such
the draft is absolutely not ready for publication if the above is its
goal. We’re not hiding behind SIDR’s carefully crafted requirements and
charter here, so let’s actually have the discussion about policy and
intent and see if we can come to some consensus on how to use that info to
define a route leak such that we can first systematically find, and then
protect against it. I absolutely want to see a solution to this problem,
but one example/existence proof isn’t enough to get us moving in that
direction.

Thanks,

Wes



On 5/12/14, 9:59 AM, "Christopher Morrow" <christopher.morrow@gmail.com>
wrote:

>Working Group Folks:
>
>The authors of draft-ietf-grow-simple-leak-attack-bgpsec-no-help would
>like to bring the draft to WGLC, this is that LC. Please have a read
>through:
>
>
><https://datatracker.ietf.org/doc/draft-ietf-grow-simple-leak-attack-bgpsec-no-help/?include_text=1>
>
>Whose abstract is:
>  "This document describes a very simple attack vector that illustrates
>   how RPKI-enabled BGPSEC machinery as currently defined can be easily
>   circumvented in order to launch a Man In The Middle (MITM) attack via
>   BGP.  It is meant to serve as input to the IETF's Global Routing
>   Operations Working group (GROW) during routing security requirements
>   discussions and subsequent specification."
>
>and raise questions/comments/suggestions/eggs on this list.
>
>I expect this WGLC to last for the normal 2wk period ending:
>  26-May-2014
>
>-chris
>grow-co-chair

