IETF Logo Mail Archive

Re: [sidr] Key learning procedures in BGPsec?

Eric Osterweil <eosterweil@verisign.com> Tue, 24 January 2012 18:44 UTC

Return-Path: <eosterweil@verisign.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DABE521F84D1 for <sidr@ietfa.amsl.com>; Tue, 24 Jan 2012 10:44:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.544
X-Spam-Level:
X-Spam-Status: No, score=-6.544 tagged_above=-999 required=5 tests=[AWL=0.055, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2CjHwizXXGq8 for <sidr@ietfa.amsl.com>; Tue, 24 Jan 2012 10:44:36 -0800 (PST)
Received: from exprod6og105.obsmtp.com (exprod6og105.obsmtp.com [64.18.1.189]) by ietfa.amsl.com (Postfix) with ESMTP id 3C51921F84C5 for <sidr@ietf.org>; Tue, 24 Jan 2012 10:44:36 -0800 (PST)
Received: from osprey.verisign.com ([216.168.239.75]) (using TLSv1) by exprod6ob105.postini.com ([64.18.5.12]) with SMTP ID DSNKTx78EXVg0zOF9CKWoFZU0VWtpIqJQ9Il@postini.com; Tue, 24 Jan 2012 10:44:36 PST
Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id q0OIiX1e025965; Tue, 24 Jan 2012 13:44:33 -0500
Received: from dul1eosterwe-m1.vcorp.ad.vrsn.com ([10.88.30.33]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 24 Jan 2012 13:44:33 -0500
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Eric Osterweil <eosterweil@verisign.com>
In-Reply-To: <p06240802cb43737b14d4@[10.243.32.68]>
Date: Tue, 24 Jan 2012 13:44:32 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <CE4FBF7E-A622-4749-9AC3-E105F1DC1DE2@verisign.com>
References: <13269421-8A36-4628-9F1A-30E02B922AE1@verisign.com> <p06240806cb3cd066c995@[128.89.89.66]> <59DDDCF5-4FED-4B66-9739-59BAECD00027@verisign.com> <p06240808cb3e3f6ac87a@[128.89.89.66]> <8A9451E4-35C1-456B-960C-7FD150C0CF4C@verisign.com> <p06240802cb43737b14d4@[10.243.32.68]>
To: Stephen Kent <kent@bbn.com>
X-Mailer: Apple Mail (2.1084)
X-OriginalArrivalTime: 24 Jan 2012 18:44:33.0338 (UTC) FILETIME=[36BA11A0:01CCDAC8]
Cc: "sidr@ietf.org list" <sidr@ietf.org>
Subject: Re: [sidr] Key learning procedures in BGPsec?
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Jan 2012 18:44:38 -0000

On Jan 23, 2012, at 3:31 PM, Stephen Kent wrote:

> At 10:39 PM -0500 1/19/12, Eric Osterweil wrote:
>> ...
>> >
>>> Even if there are many fewer certs, inconsistent caches would pose a problem. Unless we're discussing an emergency rekey for a cert, the smart procedure is to post a new cert well before the old one expires, allowing RPs to retrieve the new one in plenty of time.
>> 
>> Yeah, I agree with your comment about getting keys out ahead of time.  However, with a corpus of keys that could well order in the millions, I would worry that the inherent churn and resource requirements are going to be well more than we are (or at least I was) expecting.
> 
> speak for yourself :-).

Good one...

> 
>> > There is not yet an operational guidance doc for router cert management, but
>>> I anticipate this sort of guidance will appear there.
>> 
>> Will it include some discussion about scaling?  I think this key-per-router idea could turn out to be Pandora's box.  While having a key or two per AS or per prefix may allow us to use elements of today's routing system to give us some idea about how churn and dynamics _may_ look, I'm kind of worried now that we haven't properly evaluated how enormous the resource dependencies will be with per-router-keys.  Are there any specific plans to write this up anywhere?
> 
> I anticipate that an operational considerations doc will be written.

Great, I'd like to request that some form of complexity analysis be included (even just back of the envelope kinds of explanations).

Thanks,

Eric

v2.23.0 | Report a Bug | By Email