Re: [sidr] BGPSEC Threat Model ID
Christopher Morrow <morrowc.lists@gmail.com> Fri, 04 November 2011 21:24 UTC
Return-Path: <christopher.morrow@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A5C4111E8097 for <sidr@ietfa.amsl.com>; Fri, 4 Nov 2011 14:24:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.54
X-Spam-Level:
X-Spam-Status: No, score=-103.54 tagged_above=-999 required=5 tests=[AWL=0.059, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iwnfux6AxdeC for <sidr@ietfa.amsl.com>; Fri, 4 Nov 2011 14:24:00 -0700 (PDT)
Received: from mail-qw0-f44.google.com (mail-qw0-f44.google.com [209.85.216.44]) by ietfa.amsl.com (Postfix) with ESMTP id 0E3D711E808B for <sidr@ietf.org>; Fri, 4 Nov 2011 14:23:59 -0700 (PDT)
Received: by qadc10 with SMTP id c10so3246466qad.31 for <sidr@ietf.org>; Fri, 04 Nov 2011 14:23:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=uxUtBQR7cf8INM8/Jh9189bdE05sxT5jFxhg0maRCmQ=; b=whLAyjx+g0B7lbh0ocAaBG6aPFDhWC1ubBJRfwZcX0SQQvs2kB+6kQwaSrJvLULYgh boUpQq0o3yU0cPcR3iXdwMKyHvdKkYc+Q6pL2LdlnrsvqXj3De6Mran0fe6BjCQSf8hj vk7f1h0wgRIzJXjMdG0Cf8rtRgw1NoGcGJk1w=
MIME-Version: 1.0
Received: by 10.50.36.161 with SMTP id r1mr14565873igj.37.1320441838320; Fri, 04 Nov 2011 14:23:58 -0700 (PDT)
Sender: christopher.morrow@gmail.com
Received: by 10.231.202.142 with HTTP; Fri, 4 Nov 2011 14:23:58 -0700 (PDT)
In-Reply-To: <CAH1iCioH8jm36-COFxyoxqaxGAK+VHrSAT2dTjqOUApTqE+SrQ@mail.gmail.com>
References: <E96517DD-BAC7-4DD8-B345-562F71788C6A@tcb.net> <p06240807cad42f85eb7d@193.0.26.186> <32744.216.168.239.87.1320175657.squirrel@webmail.tcb.net> <p06240801cad6ab773279@193.0.26.186> <D9A38669-883D-4090-9F95-BC5C63220950@tcb.net> <p06240801cad800485596@193.0.26.186> <EEBF68E0-FAD9-4AF3-B81B-78760D200D9B@tcb.net> <p06240808cad85ff73d61@193.0.26.186> <080F8FFF-D2C7-4414-B53A-233F88D2009F@vpnc.org> <CAFU7BATC-6DUDNuadakwSa5wj0ryy0=49=XveBXD5Wv=5JL-ag@mail.gmail.com> <m2aa8c489s.wl%randy@psg.com> <CAH1iCioH8jm36-COFxyoxqaxGAK+VHrSAT2dTjqOUApTqE+SrQ@mail.gmail.com>
Date: Fri, 04 Nov 2011 17:23:58 -0400
X-Google-Sender-Auth: IS_4teFqOD8LTvCjA3FmoJjZez0
Message-ID: <CAL9jLab8hjcZSCvgFkKj8tC613Qag6TkbpRnQfj8CHAZ9YPf0g@mail.gmail.com>
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Brian Dickson <brian.peter.dickson@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] BGPSEC Threat Model ID
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Nov 2011 21:24:00 -0000
On Fri, Nov 4, 2011 at 4:52 PM, Brian Dickson <brian.peter.dickson@gmail.com> wrote: > On Fri, Nov 4, 2011 at 4:11 AM, Randy Bush <randy@psg.com> wrote: >> could someone post a clear technical explanation of WHAT a route leak >> is, > > I'll bite. > > It requires carefully a constructed definition, first: > "Customer" - A is a customer of B iff A has an arrangement with B > which explicitly allows B to announce A's routes to any third party, > and for B to announce B's entire routing table to A. > > Customer is a technical arrangement, regardless of how or why that > arrangement was arrived at, e.g. paying money. channeling russ: "where is this arrangement publicly documented?" (So I can know it and put it into my algorithm) > If A is a customer of B, A is allowed to announce A's own routes (and > by extension A's customer's routes) to B. > A _may_ (or may not, at A's discretion) signal to B that A wishes B to > forward all (or a subset) of A's (and A's customers) routes to third > parties. > A is not _required_ to do so, and A may further signal that B should > only send those prefixes to a subset of third parties with whom B > peers. > > (Observe: B may always announce A's routes to B's other customers.) > > A route leak occurs, when B announces non-customer routes to non-customers. > > (Those would be routes for which B has not been given explicit > _blanket_ permission to announce to third parties.) > Where is this documented? (this permissions giving) How is this enforced? (the permission) what about cases of partial transit? (I sent a route to B, and requested he NOT send it to the world at large) how is that sort of thing documented? (again, channeling russ) > If A (a customer of B) signals to B to not announce a subset of routes > to B's non-customers, but B does so anyways, that would _not_ > constitute a true route-leak as such. depends on your perspective I suppose, no? Doesn't RPSL today have the ability to signal: "Send partial routes to Foo and Full routes to Bar" ? > (It would, however, be a contractual and technical issue that would > normally be resolved between A and B.) > > If it helps, I've tried to illustrate the leak/no-leak distinction below... it didn't really... re-explaining valley-free routing with mistakes due to agreements not-available 2 as-hops away isn't helpful. Routes leak, people should filter... not new knowledge. -chris
- [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Paul Hoffman
- Re: [sidr] BGPSEC Threat Model ID George, Wes
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID George, Wes
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Jen Linkova
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Sriram, Kotikalapudi
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Jakob Heitz
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Geoff Huston
- Re: [sidr] BGPSEC Threat Model ID Jakob Heitz
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Geoff Huston
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson