IETF Logo Mail Archive

Re: [sidr] BGPSEC Threat Model ID

Stephen Kent <kent@bbn.com> Wed, 09 November 2011 18:57 UTC

Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 373FC11E809A for <sidr@ietfa.amsl.com>; Wed, 9 Nov 2011 10:57:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.443
X-Spam-Level:
X-Spam-Status: No, score=-106.443 tagged_above=-999 required=5 tests=[AWL=0.156, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N-74zZ0II9p9 for <sidr@ietfa.amsl.com>; Wed, 9 Nov 2011 10:57:49 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id C315111E8083 for <sidr@ietf.org>; Wed, 9 Nov 2011 10:57:49 -0800 (PST)
Received: from dhcp89-089-006.bbn.com ([128.89.89.6]:49159) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1RODL4-0001Xh-By; Wed, 09 Nov 2011 13:57:34 -0500
Mime-Version: 1.0
Message-Id: <p06240806caddeb4faae0@[128.89.89.6]>
In-Reply-To: <10A3F6FD-1392-4E6E-A048-A8EED1E8C329@apnic.net>
References: <E96517DD-BAC7-4DD8-B345-562F71788C6A@tcb.net> <p06240807cad42f85eb7d@193.0.26.186> <32744.216.168.239.87.1320175657.squirrel@webmail.tcb.net> <p06240801cad6ab773279@193.0.26.186> <D9A38669-883D-4090-9F95-BC5C63220950@tcb.net> <p06240801cad800485596@193.0.26.186> <EEBF68E0-FAD9-4AF3-B81B-78760D200D9B@tcb.net> <p06240808cad85ff73d61@193.0.26.186> <080F8FFF-D2C7-4414-B53A-233F88D2009F@vpnc.org> <CAFU7BATC-6DUDNuadakwSa5wj0ryy0=49=XveBXD5Wv=5JL-ag@mail.gmail.com> <m2aa8c489s.wl%randy@psg.com> <53FA9B4A-552C-4998-8F69-592A0F5AA13B@verisign.com> <CAL9jLaZj1wcmDnbm1f9=csUv2Uuq_w3rS6UEYmUHAQDPWT9zFg@mail.gmail.com> <m262iz2xl8.wl%randy@psg.com> <A2661B25-CC2E-44E4-93CE-5AFE4F67E4DA@verisign.com> <m2pqh71hdz.wl%randy@psg.com> <10A3F6FD-1392-4E6E-A048-A8EED1E8C329@apnic.net>
Date: Wed, 09 Nov 2011 13:33:50 -0500
To: Geoff Huston <gih@apnic.net>
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] BGPSEC Threat Model ID
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2011 18:57:50 -0000

At 3:09 PM +1100 11/5/11, Geoff Huston wrote:
>On 05/11/2011, at 12:34 PM, Randy Bush wrote:
>
>>>  I think the distinction between a leak and something more intentional
>>>  s a matter of policy.  Knowing the policy associated with the
>>>  adjacencies that an AS is leaking over would allow leaked
>>>  announcements to be identified
>>
>>  o We can not know intent, should Mary have announced the prefix to Bob
>
>
>I disagree with this assertion of impossibility. The intention of the routing
>policy databases in their various flavours and incarnations was to publish
>intent and allow others to filter based on intent.

Geoff,

I have been told that the lack of widely available, reliable IRR data 
out side of the RIPE region is due, in part, to a reluctance by 
operators to publish all of these details.  If that is true, then it 
argues against assuming the existence of such data on a global basis.

Steve

v2.23.0 | Report a Bug | By Email