IETF Logo Mail Archive

Re: [RPSEC] BGP Security Requirements v08

Russ White <riw@cisco.com> Fri, 13 July 2007 21:57 UTC

Return-path: <rpsec-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9T8j-0003AQ-UC; Fri, 13 Jul 2007 17:57:29 -0400
Received: from rpsec by megatron.ietf.org with local (Exim 4.43) id 1I9T8j-0003AK-01 for rpsec-confirm+ok@megatron.ietf.org; Fri, 13 Jul 2007 17:57:29 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I9T8i-0003AC-LM for rpsec@ietf.org; Fri, 13 Jul 2007 17:57:28 -0400
Received: from sj-iport-6.cisco.com ([171.71.176.117]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1I9T8i-0002Ru-B7 for rpsec@ietf.org; Fri, 13 Jul 2007 17:57:28 -0400
Received: from sj-dkim-1.cisco.com ([171.71.179.21]) by sj-iport-6.cisco.com with ESMTP; 13 Jul 2007 14:57:27 -0700
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ao8CAEaSl0arR7MV/2dsb2JhbAA
X-IronPort-AV: i="4.16,538,1175497200"; d="scan'208"; a="181850410:sNHT26287308"
Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id l6DLvRcO027671; Fri, 13 Jul 2007 14:57:27 -0700
Received: from [192.168.100.205] (rtp-ruwhite-vpn13.cisco.com [10.82.175.126]) by sj-core-5.cisco.com (8.12.10/8.12.6) with SMTP id l6DLvKSb009192; Fri, 13 Jul 2007 21:57:21 GMT
Message-ID: <4697F531.3000105@cisco.com>
Date: Fri, 13 Jul 2007 17:57:05 -0400
From: Russ White <riw@cisco.com>
User-Agent: Thunderbird 2.0.0.4 (Windows/20070604)
MIME-Version: 1.0
To: Sandy Murphy <sandy@tislabs.com>
Subject: Re: [RPSEC] BGP Security Requirements v08
References: <20070713204932.3D6A63F420@pecan.tislabs.com>
In-Reply-To: <20070713204932.3D6A63F420@pecan.tislabs.com>
X-Enigmail-Version: 0.95.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1617; t=1184363847; x=1185227847; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=riw@cisco.com; z=From:=20Russ=20White=20<riw@cisco.com> |Subject:=20Re=3A=20[RPSEC]=20BGP=20Security=20Requirements=20v08 |Sender:=20; bh=0RkFUfVOYS+y+D7z0z+lom0SZW90qFIWhA7dmEgU3TU=; b=OmQnSRmJNnkgR5xFq9beJoB70O8hwD6eEF0I1Gb0kSmugaJR18pVLi8ZkyZoo8AyjuYI+qMK YJNBocJvE4DXxWmt2FpuZ54Nw7N4oE1Q7e0XDjsugY14b0vz0peQBaPaGtNHpnn1ccv7WznVCy b1bJM78oWwag97w7pqIl/6WBE=;
Authentication-Results: sj-dkim-1; header.From=riw@cisco.com; dkim=pass (sig from cisco.com/sjdkim1004 verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: c1c65599517f9ac32519d043c37c5336
Cc: rcallon@juniper.net, rpsec@ietf.org, dward@cisco.com, psavola@funet.fi
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/rpsec>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=subscribe>
Errors-To: rpsec-bounces@ietf.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>> I think so.... I wonder how this overlaps with the p-2-p bgp draft also
>> being considered?
> 
> I don't quite know what you mean by a p-2-p bgp draft.  The behringer
> draft concerns the security requirements of protecting the bgp peer to
> bgp peer connection (e.g., TCP MD5).  Perhaps that is what you are
> talking about?
> 
> http://www.ietf.org/internet-drafts/draft-behringer-bgp-session-sec-req-01.txt
> 
> Abstract
> 
>    The document "BGP security requirements"
>    (draft-ietf-rpsec-bgpsecrec-07) specifies general security
>    requirements for BGP.  However, specific security requirements for
>    single BGP sessions, i.e., the connection between two BGP peers, are
>    only touched on briefly in the section "transport layer protection".
>    This document expands on this particular aspect of BGP security,
>    defining the security requirements between two BGP peers.

Yes... We should pick this work up as a WG item, I think, because it
really relates directly to the charter. But, I'll leave it to Tony to
bring it up at the Chicago meeting (it overlaps with Networkers this
time, and I really can't skip Networkers, *sigh*.

We should try and see what folks think on list before then, if possible,
though, I think (?).

:-)

Russ

- --
riw@cisco.com CCIE <>< Grace Alone

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGl/UxER27sUhU9OQRAhb4AKDJRU5Emu0HvOTK4IZ1qxQoAk62DgCeKP1P
vlNLckQ+M00dNx/MrSsDboo=
=/PTq
-----END PGP SIGNATURE-----


_______________________________________________
RPSEC mailing list
RPSEC@ietf.org
https://www1.ietf.org/mailman/listinfo/rpsec

v2.8.7 | Report a Bug | By Email