IETF Logo Mail Archive

Re: [GROW] I-D Action: draft-ietf-grow-simple-leak-attack-bgpsec-no-help-03.txt

Nick Hilliard <nick@inex.ie> Sun, 24 November 2013 22:45 UTC

Return-Path: <nick@inex.ie>
X-Original-To: grow@ietfa.amsl.com
Delivered-To: grow@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E0EC21AE383 for <grow@ietfa.amsl.com>; Sun, 24 Nov 2013 14:45:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Level:
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z2_zdv48z1NE for <grow@ietfa.amsl.com>; Sun, 24 Nov 2013 14:45:05 -0800 (PST)
Received: from mail.netability.ie (mail.netability.ie [IPv6:2a03:8900:0:100::5]) by ietfa.amsl.com (Postfix) with ESMTP id 9F8F41AE2DC for <grow@ietf.org>; Sun, 24 Nov 2013 14:45:03 -0800 (PST)
X-Envelope-To: <grow@ietf.org>
Received: from cupcake.foobar.org ([IPv6:2001:4d68:2002:100::126]) (authenticated bits=0) by mail.netability.ie (8.14.7/8.14.5) with ESMTP id rAOMirKG061888 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for <grow@ietf.org>; Sun, 24 Nov 2013 22:44:53 GMT (envelope-from nick@inex.ie)
X-Authentication-Warning: cheesecake.netability.ie: Host [IPv6:2001:4d68:2002:100::126] claimed to be cupcake.foobar.org
Message-ID: <52928164.7030906@inex.ie>
Date: Sun, 24 Nov 2013 22:44:52 +0000
From: Nick Hilliard <nick@inex.ie>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.1.1
MIME-Version: 1.0
To: grow@ietf.org
References: <20131118230146.22016.28407.idtracker@ietfa.amsl.com> <77143901-5DA3-4937-8162-509B62A61594@apnic.net> <CAL9jLabPjvXaAUaSEyQXdFvSDPZ_bJX4rjGxOGd0BqYhQcQYdg@mail.gmail.com> <FDFB46E9-ECD0-4CFF-A846-2E6FE9F8C9D7@apnic.net>
In-Reply-To: <FDFB46E9-ECD0-4CFF-A846-2E6FE9F8C9D7@apnic.net>
X-Enigmail-Version: 1.6
X-Company-Info-1: Internet Neutral Exchange Association Limited. Registered in Ireland No. 253804
X-Company-Info-2: Registered Offices: 1-2, Marino Mart, Fairview, Dublin 3
X-Company-Info-3: Internet Neutral Exchange Association Limited is limited by guarantee
X-Company-Info-4: Offices: 4027 Kingswood Road, Citywest, Dublin 24.
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [GROW] I-D Action: draft-ietf-grow-simple-leak-attack-bgpsec-no-help-03.txt
X-BeenThere: grow@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Grow Working Group Mailing List <grow.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/grow>, <mailto:grow-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/grow/>
List-Post: <mailto:grow@ietf.org>
List-Help: <mailto:grow-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/grow>, <mailto:grow-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Nov 2013 22:45:07 -0000

On 22/11/2013 09:47, Geoff Huston wrote:
> so we get back to RPSL.

I wouldn't look to RPSL as being the solution to a whole lot.

> But I am still wondering:...
> 
> Why are we using GROW to host this discussion?

because the WG has got a nice operator-friendly feel to the name and there
is no other document in the accumulated tomes of ietf lore which explicitly
states that prefix origin validation in its current form is operationally
limited in scope and that if there are organisations out there who feel
that they'll get a kwik-fix sticky plaster solution for their routing
security concerns by turning on rpki, they need to think again.  It's
probably not a bad idea to have a document like this although I'm not much
interested in the politics of whether it belongs in grow or even the ietf.

> And if we are ready to reopen this consideration of requirements for
> securing the operation of BGP, just how much of this are we willing to
> re-consider? Is it all the way back to RPSL and RPSS?

draft-ietf-sidr-bgpsec-reqs is a good start.  Re: your comparison with
dnssec, the latter has the interesting property that it is fully
hierarchical with a single root and therefore the object relationship model
is relatively easy to handle - particularly when attempting to retrofit it
with a hierarchical trust model.  With bgp we have a highly fluid peer to
peer relationship mechanism which rpsl attempted to document, and here we
are trying to determine whether a top-down hierarchical pki could form part
of a trust mechanism to determine the validity of prefixes and paths so
that we dumb operators can reach the holy grail of being able to believe
what we see when we type "show bgp blah".  RPKI can work for prefix origin
validation because prefixes are assigned hierarchically.  AS paths -
transit and peering relationships - are not assigned hierarchically, so
there seems little reason to think that a hierarchical trust model would be
the most appropriate mechanism to use for securing this.  Or am I being
naive here?

Nick

v2.23.0 | Report a Bug | By Email