Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees
Sandra Murphy <sandy@tislabs.com> Wed, 07 October 2015 01:31 UTC
Return-Path: <sandy@tislabs.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E91DC1B4282 for <sidr@ietfa.amsl.com>; Tue, 6 Oct 2015 18:31:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Z40ZD_yg_Df for <sidr@ietfa.amsl.com>; Tue, 6 Oct 2015 18:31:50 -0700 (PDT)
Received: from walnut.tislabs.com (walnut.tislabs.com [192.94.214.200]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A16991B4280 for <sidr@ietf.org>; Tue, 6 Oct 2015 18:31:50 -0700 (PDT)
Received: from nova.tislabs.com (unknown [10.66.1.77]) by walnut.tislabs.com (Postfix) with ESMTP id E061C28B0041 for <sidr@ietf.org>; Tue, 6 Oct 2015 21:31:49 -0400 (EDT)
Received: from [IPv6:::1] (localhost.localdomain [127.0.0.1]) by nova.tislabs.com (Postfix) with ESMTP id 5C5E01F8035; Tue, 6 Oct 2015 21:31:49 -0400 (EDT)
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Content-Type: multipart/signed; boundary="Apple-Mail=_CAB88850-B181-4BD5-9CB8-BC4E2AB54E75"; protocol="application/pgp-signature"; micalg="pgp-sha512"
X-Pgp-Agent: GPGMail 2.5.1
From: Sandra Murphy <sandy@tislabs.com>
In-Reply-To: <m2613ca3kf.wl%randy@psg.com>
Date: Tue, 06 Oct 2015 21:31:40 -0400
Message-Id: <0F44566E-2054-4ECA-83AF-EE39585E841E@tislabs.com>
References: <SN1PR09MB079938B1A44171328C0B16CA846A0@SN1PR09MB0799.namprd09.prod.outlook.com> <D20B8CAC.45839%dougm@nist.gov> <CY1PR09MB079376AC097FDDB73531814184690@CY1PR09MB0793.namprd09.prod.outlook.com> <m2613ca3kf.wl%randy@psg.com>
To: sidr wg list <sidr@ietf.org>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/Pnegayf6AVfiBOBJ1YTnfMIriYg>
Cc: Sandra Murphy <sandy@tislabs.com>
Subject: Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Oct 2015 01:31:52 -0000
This conversation seems to have come to a close. The wg chairs see wg consensus as follows: The problem is real enough to merit a protocol change. The change is to cover more raw info in the signatures, rather than signature chaining only, along the lines of http://www.ietf.org/mail-archive/web/sidr/current/msg07258.html (see also the new archiving tool https://mailarchive.ietf.org/arch/msg/sidr/sXUj7lgieri0Wrv5PK5u7PfLtxc). In addition, maintaining ordering was also noted as important to some http://www.ietf.org/mail-archive/web/sidr/current/msg07261.html http://www.ietf.org/mail-archive/web/sidr/current/msg07270.html http://www.ietf.org/mail-archive/web/sidr/current/msg07271.html The authors of draft-ietf-sidr-bgpsec-protocol-13 are requested to submit a revised version of the draft. The changes are significant enough that the revised draft will go through a wglc, focussed on the changes for this issue, so shorter than normal. —Sandy, speaking as one of the wg co-chairs
- [sidr] draft-ietf-sidr-bgpsec-protocol-13's secur… David Mandelberg
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Randy Bush
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Rob Austein
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Sriram, Kotikalapudi
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Rob Austein
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Borchert, Oliver
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Borchert, Oliver
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Randy Bush
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Sriram, Kotikalapudi
- [sidr] replay threats (was: draft-ietf-sidr-bgpse… Randy Bush
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Sriram, Kotikalapudi
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… David Mandelberg
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… David Mandelberg
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… David Mandelberg
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Rob Austein
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… David Mandelberg
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Rob Austein
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Stephen Kent
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… David Mandelberg
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Sriram, Kotikalapudi
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Randy Bush
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's s… Matthew Lepinski
- Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pro… Sriram, Kotikalapudi
- Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pro… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pro… Sriram, Kotikalapudi