IETF Logo Mail Archive

Re: [sidr] Key learning procedures in BGPsec?

Stephen Kent <kent@bbn.com> Tue, 24 January 2012 00:06 UTC

Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AFD821F86AA for <sidr@ietfa.amsl.com>; Mon, 23 Jan 2012 16:06:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.145
X-Spam-Level:
X-Spam-Status: No, score=-106.145 tagged_above=-999 required=5 tests=[AWL=0.410, BAYES_00=-2.599, DATE_IN_PAST_03_06=0.044, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kiZkzjfWfjzK for <sidr@ietfa.amsl.com>; Mon, 23 Jan 2012 16:06:14 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 8936B21F86AF for <sidr@ietf.org>; Mon, 23 Jan 2012 16:06:14 -0800 (PST)
Received: from dommiel.bbn.com ([192.1.122.15]:46528 helo=[172.20.8.192]) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1RpTtt-000Fvc-SI; Mon, 23 Jan 2012 19:06:14 -0500
Mime-Version: 1.0
Message-Id: <p06240802cb43737b14d4@[10.243.32.68]>
In-Reply-To: <8A9451E4-35C1-456B-960C-7FD150C0CF4C@verisign.com>
References: <13269421-8A36-4628-9F1A-30E02B922AE1@verisign.com> <p06240806cb3cd066c995@[128.89.89.66]> <59DDDCF5-4FED-4B66-9739-59BAECD00027@verisign.com> <p06240808cb3e3f6ac87a@[128.89.89.66]> <8A9451E4-35C1-456B-960C-7FD150C0CF4C@verisign.com>
Date: Mon, 23 Jan 2012 15:31:03 -0500
To: Eric Osterweil <eosterweil@verisign.com>
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: "sidr@ietf.org list" <sidr@ietf.org>
Subject: Re: [sidr] Key learning procedures in BGPsec?
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jan 2012 00:06:15 -0000

At 10:39 PM -0500 1/19/12, Eric Osterweil wrote:
>...
>  >
>>  Even if there are many fewer certs, inconsistent caches would pose 
>>a problem. Unless we're discussing an emergency rekey for a cert, 
>>the smart procedure is to post a new cert well before the old one 
>>expires, allowing RPs to retrieve the new one in plenty of time.
>
>Yeah, I agree with your comment about getting keys out ahead of 
>time.  However, with a corpus of keys that could well order in the 
>millions, I would worry that the inherent churn and resource 
>requirements are going to be well more than we are (or at least I 
>was) expecting.

speak for yourself :-).

>  > There is not yet an operational guidance doc for router cert 
>management, but
>>  I anticipate this sort of guidance will appear there.
>
>Will it include some discussion about scaling?  I think this 
>key-per-router idea could turn out to be Pandora's box.  While 
>having a key or two per AS or per prefix may allow us to use 
>elements of today's routing system to give us some idea about how 
>churn and dynamics _may_ look, I'm kind of worried now that we 
>haven't properly evaluated how enormous the resource dependencies 
>will be with per-router-keys.  Are there any specific plans to write 
>this up anywhere?

I anticipate that an operational considerations doc will be written.

Steve

v2.23.0 | Report a Bug | By Email