Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees

Sandra Murphy <sandy@tislabs.com> Thu, 27 August 2015 20:45 UTC

From: Sandra Murphy <sandy@tislabs.com>
Date: Thu, 27 Aug 2015 16:45:11 -0400
To: Randy Bush <randy@psg.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/98tuTKqK49wkCOF50-eq8edSVic>
Cc: sidr@ietf.org, David Mandelberg <david@mandelberg.org>, Sandra Murphy <sandy@tislabs.com>
Subject: Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees

Speaking as regular ol’ member:

On Aug 26, 2015, at 8:20 PM, Randy Bush <randy@psg.com> wrote:

> good catch.
> 
> one consequence
> 
> an intermediate AS, which does not validate but signs, could apply

I’d say that the intermediate AS who didn’t verify the signatures it received could be acting on bad info at any time, without any conspiring ASs around.  The intermediate AS has no more assurance than a non-bgpsec speaker that the route it receives is valid.

So I don’t think anything that happens to the intermediate AS is something to worry about.

> prefix-based local policy based on the wrong prefix.  same for any
> bgp4 peers it may have.

I see nothing in David’s message about a prefix, so I’m not sure what you are talking about.

But the intermediate AS and any bgp4 (i.e. non-bgpsec speakers?) peers have chosen to be insecure - I see no reason to be concerned.

—Sandy, speaking as regular ol’ member