Re: [RPSEC] BGP Security Requirements v08
Curtis Villamizar <curtis@occnc.com> Wed, 18 July 2007 19:04 UTC
Return-path: <rpsec-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com)
by megatron.ietf.org with esmtp (Exim 4.43)
id 1IBEpF-0008PK-1I; Wed, 18 Jul 2007 15:04:41 -0400
Received: from rpsec by megatron.ietf.org with local (Exim 4.43)
id 1IBEpE-0008PE-02
for rpsec-confirm+ok@megatron.ietf.org; Wed, 18 Jul 2007 15:04:40 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org)
by megatron.ietf.org with esmtp (Exim 4.43) id 1IBEpD-0008P6-LM
for rpsec@ietf.org; Wed, 18 Jul 2007 15:04:39 -0400
Received: from 69.37.59.172.adsl.snet.net ([69.37.59.172]
helo=harbor.brookfield.occnc.com)
by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IBEpD-0003IF-3P
for rpsec@ietf.org; Wed, 18 Jul 2007 15:04:39 -0400
Received: from harbor.brookfield.occnc.com (harbor.brookfield.occnc.com
[69.37.59.172])
by harbor.brookfield.occnc.com (8.13.6/8.13.6) with ESMTP id
l6IJ5MdD029754; Wed, 18 Jul 2007 15:05:22 -0400 (EDT)
(envelope-from curtis@harbor.brookfield.occnc.com)
Message-Id: <200707181905.l6IJ5MdD029754@harbor.brookfield.occnc.com>
To: Stephen Kent <kent@bbn.com>
From: Curtis Villamizar <curtis@occnc.com>
Subject: Re: [RPSEC] BGP Security Requirements v08
In-reply-to: Your message of "Wed, 18 Jul 2007 14:00:48 EDT."
<p0624050fc2c3ec645621@[128.89.89.71]>
Date: Wed, 18 Jul 2007 15:05:22 -0400
X-Spam-Score: 1.7 (+)
X-Scan-Signature: f4c2cf0bccc868e4cc88dace71fb3f44
Cc: rpsec@ietf.org
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: curtis@occnc.com
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>,
<mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/rpsec>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>,
<mailto:rpsec-request@ietf.org?subject=subscribe>
Errors-To: rpsec-bounces@ietf.org
In message <p0624050fc2c3ec645621@[128.89.89.71]> Stephen Kent writes: > > >What we are talking about here is prevention of DOS, not protection of > >secrets. > > DoS is the primary concern, but not the only one. Misrouting to > effect active or passive wiretapping also was cited as a concern in > RFC 4272 (BGP Security Vulnerabilities Analysis). Steve, As a security guy wouldn't you consider relying on routing to protect secrets to be more than just a slightly bad idea? For secure applications you must always assume an insecure channel even if its in the same building. With enough snooped data breaking some forms of encryption is possible so I know what you are getting at. In terms of real world, it might be possible to divert information that is supposed to go to some major bank from some far away place and have a go at the SSL encryption but I suspect its orders of magnitudes easier to take over the client's Windows box and record keystrokes. > I have to admit that whenever I hear someone argue that a proposed > security approach is striving for perfection at the expense of > practicality, I wince. Thus is a reasonable argument in principle, > but very often folks disagree about what constitutes a practical (or > impractical) solution, or a what constitutes reasonable threat model, > etc. So, let;s try to not go down this path as a basis for deciding > about these requirements, as it is unlikely to be a fruitful wa to > resolve our disagreements. At what point do we set theory aside and look at whether we are addressing any sort of real world problem? Is your answer "never"? > The second argument you cited was not the principle one, but rather > an example of why mandating this as a requirement might be > problematic. I think the argument I have made in this and previous > messages is that there are a number of incremental deployment > scenarios where the need for the sort of transitive property you cite > is not needed, and there are scenarios where it could lead to bad > decisions. OK. Lets have some specifics. What deployment scenarios? Where could transitive behaviour that only applies to selecting among incompletely authenticated results (and can be administratively disabled) lead to bad decisions? This would not be the first routing activity of the IETF that was great in theory but went nowhere because it had no practical deployment scenario. If it goes nowhere it is a waste of our time. Curtis _______________________________________________ RPSEC mailing list RPSEC@ietf.org https://www1.ietf.org/mailman/listinfo/rpsec
- [RPSEC] BGP Security Requirements v08 Tony Tauber
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Tony Tauber
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Joe Touch
- RE: [RPSEC] BGP Security Requirements v08 Barry Greene (bgreene)
- Re: [RPSEC] BGP Security Requirements v08 Tony Tauber
- Re: [RPSEC] BGP Security Requirements v08 Joe Touch
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Joe Touch
- RE: [RPSEC] BGP Security Requirements v08 Barry Greene (bgreene)
- Re: [RPSEC] BGP Security Requirements v08 Joe Touch
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Joe Touch
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Michael H. Behringer
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Robert Loomans
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- RE: [RPSEC] BGP Security Requirements v08 James Ko
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Tony Tauber
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Sandy Murphy
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Russ White
- Re: [RPSEC] BGP Security Requirements v08 tom.petch
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Curtis Villamizar
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent
- Re: [RPSEC] BGP Security Requirements v08 Stephen Kent