Re: [sidr] BGPSEC Threat Model ID
Brian Dickson <brian.peter.dickson@gmail.com> Mon, 07 November 2011 19:08 UTC
Return-Path: <brian.peter.dickson@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BF5211E80A3 for <sidr@ietfa.amsl.com>; Mon, 7 Nov 2011 11:08:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.589
X-Spam-Level:
X-Spam-Status: No, score=-3.589 tagged_above=-999 required=5 tests=[AWL=0.010, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hTSSIbX4qSDr for <sidr@ietfa.amsl.com>; Mon, 7 Nov 2011 11:08:45 -0800 (PST)
Received: from mail-fx0-f44.google.com (mail-fx0-f44.google.com [209.85.161.44]) by ietfa.amsl.com (Postfix) with ESMTP id B5ACA11E80A0 for <sidr@ietf.org>; Mon, 7 Nov 2011 11:08:44 -0800 (PST)
Received: by faas12 with SMTP id s12so6498615faa.31 for <sidr@ietf.org>; Mon, 07 Nov 2011 11:08:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=us6ksHH/QCfM9qgeJxvXccD/JSz2TV1YNwMNpFTWIjA=; b=adDvFR3se78pme51WW+xrZJNpwalnq1Shs5+eLRNys0YYI2K85xoKocjTFXpduiLGC 8oyj5+7C2pInx9sc3yE/8mjReeH2lkSR1A1tGTJh7LqW4MODlMpWe0sk6M1JcmHYiy43 dDIFA68QWomoHDzXKfhxORPmiFwEXoi4U9yxA=
MIME-Version: 1.0
Received: by 10.223.76.27 with SMTP id a27mr48778145fak.12.1320692923671; Mon, 07 Nov 2011 11:08:43 -0800 (PST)
Received: by 10.223.54.15 with HTTP; Mon, 7 Nov 2011 11:08:43 -0800 (PST)
In-Reply-To: <m2sjm31hzw.wl%randy@psg.com>
References: <E96517DD-BAC7-4DD8-B345-562F71788C6A@tcb.net> <p06240807cad42f85eb7d@193.0.26.186> <32744.216.168.239.87.1320175657.squirrel@webmail.tcb.net> <p06240801cad6ab773279@193.0.26.186> <D9A38669-883D-4090-9F95-BC5C63220950@tcb.net> <p06240801cad800485596@193.0.26.186> <EEBF68E0-FAD9-4AF3-B81B-78760D200D9B@tcb.net> <p06240808cad85ff73d61@193.0.26.186> <080F8FFF-D2C7-4414-B53A-233F88D2009F@vpnc.org> <CAFU7BATC-6DUDNuadakwSa5wj0ryy0=49=XveBXD5Wv=5JL-ag@mail.gmail.com> <m2aa8c489s.wl%randy@psg.com> <53FA9B4A-552C-4998-8F69-592A0F5AA13B@verisign.com> <CAL9jLaZj1wcmDnbm1f9=csUv2Uuq_w3rS6UEYmUHAQDPWT9zFg@mail.gmail.com> <CAH1iCiqmRjPTX7RFK+q=CJRWv9qwdMGdRc_G7GhKrV57dM-K3w@mail.gmail.com> <m2sjm31hzw.wl%randy@psg.com>
Date: Mon, 07 Nov 2011 14:08:43 -0500
Message-ID: <CAH1iCir8pNM8zUWXCf5CXW9BzrqTEcRrgz=+_38vqpdBvv2WpQ@mail.gmail.com>
From: Brian Dickson <brian.peter.dickson@gmail.com>
To: Randy Bush <randy@psg.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] BGPSEC Threat Model ID
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Nov 2011 19:08:45 -0000
On Fri, Nov 4, 2011 at 9:21 PM, Randy Bush <randy@psg.com> wrote: >> I suspect that it is a case of "accidental back-up transit via a >> peer". (I have seen this personally, where it was "malicious" instead >> of "accidental".) > > and i have seen it intentional and pre-agreed. life is not just simple > customer, peer, upstream. > > randy I think many of us have seen "special" arrangements, either first-hand, or involving our customer(s) as one or more of the parties to such an arrangement. I think if we categorize neighbors as "customer, transit, peer, special", that is still useful. Here's why: - as a general rule, "special" is negotiated between parties (two, or more-than-two, doesn't matter) - it is fine to have "customer" include "customer's customer et al", and even "customer's special neighbor" iff the customer wants - except when all the parties are part of a single "special" arrangements, "special" is non-transitive. - there can be many pools of "special", even with overlapping membership - pretty much by definition, "special" pools are contiguous - outside of that contiguous area, the boundary to that special area can be treated as a normal AS (by non-participants) - in fact, special pools could almost be treated like an AS Confederation The last two points basically say, if we ignore the goings-on within such a region, applying the simple rules (customer/transit/peer) are sufficient to prevent leaks crossing any boundary other than between region members. Take as a whole, this is more than sufficient benefit to employ, so long as it is possible for members of such regions to "remove the safeties". The exposure is strictly intra-region at that point, which is a lot better than it is today. Mechanisms for preventing route leaks don't have to necessarily be perfect to be useful, IMHO. Keeping the mechanics themselves simple, and the semantics clear, is the second most important part. Sensible defaults is the most important. Third is allowing network admins to disable them as needed. Kind of analogous to the three laws of robotics, now that I think about it... Brian
- [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Paul Hoffman
- Re: [sidr] BGPSEC Threat Model ID George, Wes
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID George, Wes
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Jen Linkova
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Sriram, Kotikalapudi
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Jakob Heitz
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Geoff Huston
- Re: [sidr] BGPSEC Threat Model ID Jakob Heitz
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Geoff Huston
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson