Re: [sidr] Stephen Farrell's Discuss on draft-ietf-sidr-bgpsec-protocol-21: (with DISCUSS and COMMENT)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 04 January 2017 19:33 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52F7D1296AD; Wed, 4 Jan 2017 11:33:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.401
X-Spam-Level:
X-Spam-Status: No, score=-7.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-3.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uxkgpm2rc-P6; Wed, 4 Jan 2017 11:33:05 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 216DC1296A6; Wed, 4 Jan 2017 11:33:04 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 99731BE38; Wed, 4 Jan 2017 19:33:02 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ei6B3sEn3KrK; Wed, 4 Jan 2017 19:33:01 +0000 (GMT)
Received: from [10.87.48.210] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 97810BE2E; Wed, 4 Jan 2017 19:33:00 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1483558381; bh=cUoQWEFyLGMPI/uRSrggVmhbkPUbLiQ4tXyv2Ysgkmg=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=EqJM5KqW9G7ZKDy73xW3qUFG5GNN0zaIQ1LKMqEIR+PggqaNILL38sTTlXx+ilhz/ CgRQhEnJwdORUNxftfHAazn7QQ6937hL34a7lAg5D7DQHl9i3iHzUvIbnD8IgMJrq9 F/pQVfir4YaL5vPt33wx2QcVuVO+SIhzWxhQnVs8=
To: Russ Housley <housley@vigilsec.com>
References: <148353798879.13011.5291414579598073386.idtracker@ietfa.amsl.com> <B659D894-672F-4059-A001-5C4D1D602470@vigilsec.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <3ae7d707-3229-2508-7aeb-2cd617aa97fd@cs.tcd.ie>
Date: Wed, 04 Jan 2017 19:33:00 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <B659D894-672F-4059-A001-5C4D1D602470@vigilsec.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms030103080806050205040504"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/2nFrHRXRx1J4uVcca6EViLBitC8>
Cc: IESG <iesg@ietf.org>, IETF SIDR <sidr@ietf.org>
Subject: Re: [sidr] Stephen Farrell's Discuss on draft-ietf-sidr-bgpsec-protocol-21: (with DISCUSS and COMMENT)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2017 19:33:07 -0000
On 04/01/17 19:24, Russ Housley wrote: > >> ---------------------------------------------------------------------- >> >> DISCUSS: >> ---------------------------------------------------------------------- >> >> >> I have a couple of fairly straightforward things I'd >> like to briefly discuss... >> >> [snip] >> >> (3) section 8: Is there a potential exposure here in that a relying >> party who emits e.g. certificate status checks or cert retrieval >> queries for an RPKI cert they've not previously seen is exposing >> something about the set of paths its traffic is likely to follow. >> (This is similar to why we have OCSP stapling in the web.) IIRC the >> RPKI specs may cover this but I suspect it'd be worth noting here >> as well even if so as this represents exposing something about BGP >> announcement content to off-path parties which I think is new for >> BGP. Is that a new thing for BGP? (I think the new aspect to the >> attack is that a bad actor who has already compromised some AS >> could more easily spot that traffic from the relying party's AS is >> likely to transit the compromised AS.) > > I am not sure what you mean by a "compromised AS,” but it may not > matters … More or less if traffic to/from ASxxxx is visible to an attacker and/or can be modified by an attacker. That could be due to collusion between the AS and an attacker for example, or because an attacker has compromised some routers within a transit AS. > > If a link goes down, I'm not sure this is only if a link goes down. I'd guess the same risk would exist when any BGPsec path is first seen at a relying party and where that RP doesn't have all the necessary RPKI stuff cached before signature validation. . and that causes an alternative path to be > selected, that forces the validation a new path which might involve a > previously unvalidated AS. If an OCSP responder or repository that > provides RPKI objects is contacted as part of that validation, then > some external entities can detect that something is changing. That > is, stuff not normally validated because it is associated with a > unselected path gets fetched. Right. Sorry to not be clearer on what might become visible to the network outside the RP's AS - I'm afraid I just don't have all the RPKI details in my head;-) > > That said, the NOC could fetch a snapshot of the RPKI, then the > exposure of the switch to a new path can be limited to that AS. This > assumes that the snapshot uses CRLs, which seems like a very > reasonable choice in the RPKI. Right, I think all that'd be needed for this would be to ack that there's this (normally fairly minor) new risk and that you can avoid it if you pre-fetch enough stuff. (As a separate question, I wonder if the amount of stuff involved in the RPKI is such that it'd be fairly easy to pre-fetch it all frequently enough to nearly never hit this problem.) Cheers, S. > > Russ >
- [sidr] Stephen Farrell's Discuss on draft-ietf-si… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sean Turner
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Russ Housley
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Mehmet Adalier (Antara Teknik)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Montgomery, Douglas (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Montgomery, Douglas (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Randy Bush