Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees

Randy Bush <randy@psg.com> Thu, 27 August 2015 21:02 UTC

Date: Fri, 28 Aug 2015 06:02:27 +0900
From: Randy Bush <randy@psg.com>
To: Sandra Murphy <sandy@tislabs.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/CNU6np2RNuVEKg7987QhCrhBfVg>
Cc: sidr wg list <sidr@ietf.org>

>> an intermediate AS, which does not validate but signs, could apply 
> I’d say that the intermediate AS who didn’t verify the signatures it
> received could be acting on bad info at any time, without any
> conspiring ASs around.  The intermediate AS has no more assurance than
> a non-bgpsec speaker that the route it receives is valid.

it is not worse than unsecured is a form of reasoning i do not buy.

>> prefix-based local policy based on the wrong prefix.  same for any
>> bgp4 peers it may have.
> 
> I see nothing in David’s message about a prefix, so I’m not sure what
> you are talking about.

sorry, i forgot that bgp announces beers.

the colluding systems could have signed a hash of lager when the label
on the announcement was pils.  the intermediate system which does not
validate could base its mains order on pils and tell its
non-validating peers to have a pils with them.

> But the intermediate AS and any bgp4 (i.e. non-bgpsec speakers?) peers
> have chosen to be insecure - I see no reason to be concerned.

same fallacious argument.  we are supposed to be making things better,
not leaving them the same.

randy