Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees

Sandra Murphy <sandy@tislabs.com> Wed, 07 October 2015 01:31 UTC

This conversation seems to have come to a close.

The wg chairs see wg consensus as follows:

The problem is real enough to merit a protocol change.

The change is to cover more raw info in the signatures, rather than signature chaining only, along the lines of
http://www.ietf.org/mail-archive/web/sidr/current/msg07258.html
(see also the new archiving tool https://mailarchive.ietf.org/arch/msg/sidr/sXUj7lgieri0Wrv5PK5u7PfLtxc).

In addition, maintaining ordering was also noted as important to some
http://www.ietf.org/mail-archive/web/sidr/current/msg07261.html
http://www.ietf.org/mail-archive/web/sidr/current/msg07270.html
http://www.ietf.org/mail-archive/web/sidr/current/msg07271.html


The authors of draft-ietf-sidr-bgpsec-protocol-13 are requested to submit a revised version of the draft.

The changes are significant enough that the revised draft will go through a wglc, focussed on the changes for this issue, so shorter than normal.

—Sandy, speaking as one of the wg co-chairs