Re: [sidr] Burstiness of BGP updates

Jakob Heitz <jakob.heitz@ericsson.com> Wed, 16 November 2011 03:29 UTC

Return-Path: <jakob.heitz@ericsson.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D21B11E80B1 for <sidr@ietfa.amsl.com>; Tue, 15 Nov 2011 19:29:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.34
X-Spam-Level:
X-Spam-Status: No, score=-6.34 tagged_above=-999 required=5 tests=[AWL=0.259, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jAHuK3AC36FI for <sidr@ietfa.amsl.com>; Tue, 15 Nov 2011 19:29:53 -0800 (PST)
Received: from imr4.ericy.com (imr4.ericy.com [198.24.6.9]) by ietfa.amsl.com (Postfix) with ESMTP id 2391711E8095 for <sidr@ietf.org>; Tue, 15 Nov 2011 19:29:53 -0800 (PST)
Received: from eusaamw0707.eamcs.ericsson.se ([147.117.20.32]) by imr4.ericy.com (8.14.3/8.14.3/Debian-9.1ubuntu1) with ESMTP id pAG3TlYv022932; Tue, 15 Nov 2011 21:29:52 -0600
Received: from EUSAACMS0701.eamcs.ericsson.se ([169.254.1.111]) by eusaamw0707.eamcs.ericsson.se ([147.117.20.32]) with mapi; Tue, 15 Nov 2011 22:29:42 -0500
From: Jakob Heitz <jakob.heitz@ericsson.com>
To: Russ White <russw@riw.us>
Date: Tue, 15 Nov 2011 22:29:40 -0500
Thread-Topic: [sidr] Burstiness of BGP updates
Thread-Index: AcykDWyVP4DmM8cmR5+FuAQQ4oXUkwAAXpRw
Message-ID: <7309FCBCAE981B43ABBE69B31C8D21391A45A2062E@EUSAACMS0701.eamcs.ericsson.se>
References: <D7A0423E5E193F40BE6E94126930C49308E9E35567@MBCLUSTER.xchange.nist.gov> <7309FCBCAE981B43ABBE69B31C8D21391A45A1F85D@EUSAACMS0701.eamcs.ericsson.se> <m2fwhqeq5i.wl%randy@psg.com> <CCE759E6-BEA6-433B-957A-6559C67BAD52@ericsson.com> <DCC302FAA9FE5F4BBA4DCAD4656937791452387941@PRVPEXVS03.corp.twcable.com> <7309FCBCAE981B43ABBE69B31C8D21391A45A1FE9F@EUSAACMS0701.eamcs.ericsson.se> <DCC302FAA9FE5F4BBA4DCAD4656937791452387978@PRVPEXVS03.corp.twcable.com> <7309FCBCAE981B43ABBE69B31C8D21391A45A1FEC8@EUSAACMS0701.eamcs.ericsson.se> <4EC3125D.4000309@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A2061F@EUSAACMS0701.eamcs.ericsson.se> <4EC329C6.4090600@riw.us>
In-Reply-To: <4EC329C6.4090600@riw.us>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] Burstiness of BGP updates
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Nov 2011 03:29:53 -0000

> -----Original Message-----
> From: Russ White [mailto:russw@riw.us]
> Sent: Tuesday, November 15, 2011 7:11 PM
> 
> Sorry, but I don't see how this really helps... What if I'm really
> lazy, and just never process the signatures? What if I use a route
> for several minutes, then suddenly realize it's not a valid route?
> Is it okay to steal 500 people's usernames and passwords, and not
> 1000? Time is an important element in routing systems, both for
> convergence and security.

I don't understand how BGPSEC is going to prevent anyone
stealing passwords. To me, all this talk of BGP validation
preventing hacks is a load of fantasy.

The only utility I can see is in protecting reachability.
The only problem I can imagine with installing an unsigned
route is that the destination becomes unreachable. If it
was unreachable to begin with, no harm is done.

--
Jakob Heitz. x25475. 510-566-2901