IETF Logo Mail Archive

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-overview ENDING: 10/21/2015)

"Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov> Wed, 14 October 2015 23:21 UTC

Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C4411A1A33; Wed, 14 Oct 2015 16:21:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4tgXeg_GwWEv; Wed, 14 Oct 2015 16:21:02 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0794.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::794]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BA251A1A15; Wed, 14 Oct 2015 16:21:01 -0700 (PDT)
Received: from CY1PR09MB0793.namprd09.prod.outlook.com (10.163.43.143) by CY1PR09MB0793.namprd09.prod.outlook.com (10.163.43.143) with Microsoft SMTP Server (TLS) id 15.1.300.14; Wed, 14 Oct 2015 23:20:43 +0000
Received: from CY1PR09MB0793.namprd09.prod.outlook.com ([10.163.43.143]) by CY1PR09MB0793.namprd09.prod.outlook.com ([10.163.43.143]) with mapi id 15.01.0300.010; Wed, 14 Oct 2015 23:20:43 +0000
From: "Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov>
To: "George, Wes" <wesley.george@twcable.com>, Chris Morrow <morrowc@ops-netman.net>, "sidr-chairs@ietf.org" <sidr-chairs@ietf.org>, "sidr@ietf.org" <sidr@ietf.org>
Thread-Topic: [sidr] WGLC: draft-ietf-sidr-bgpsec-overview ENDING: 10/21/2015)
Thread-Index: AQHRBsbkap7SgdO4QkCreBatmHEYy55rixDg
Date: Wed, 14 Oct 2015 23:20:42 +0000
Message-ID: <CY1PR09MB079361CBE768BE1B62DBCAEA843F0@CY1PR09MB0793.namprd09.prod.outlook.com>
References: <yj9osi5mae4p.wl%morrowc@ops-netman.net> <D2442A8C.6CE45%wesley.george@twcable.com>
In-Reply-To: <D2442A8C.6CE45%wesley.george@twcable.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kotikalapudi.sriram@nist.gov;
x-originating-ip: [129.6.140.100]
x-microsoft-exchange-diagnostics: 1; CY1PR09MB0793; 5:FwFb2EJEG3aax1C4OmROA4vvrXUH+yULCPyRUjJDpk46gWrXvPF5AWb/xLmzzDarxRNUJiyalC8fti/uMzebsntw9bJd7D7tf/NKdCb+mxIMhKgb4ohpRQlajdtBH2c9NkDX548Zfawtl1YWV2t5LQ==; 24:zS4n0y3UMyEtkwORcFwpJ8AqNOFXVOG75SoQigQ1C3iwf/jNWjACIHmSlt04BpjNzvg8WZwLHtLqhfFWu/TVU8Q5hSTb14VceUMettNJSCg=; 20:U0dz6g4Ry+PWg/rgrU6cWe7f4iF4WkOzVRncZgsdiImEx/+RT0k7y1DHgcx/st8KM2y83dUudlgMbZhmUBe5rA==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR09MB0793;
x-microsoft-antispam-prvs: <CY1PR09MB0793DD1382F1FF7608CAA767843F0@CY1PR09MB0793.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(520078)(5005006)(8121501046)(3002001); SRVR:CY1PR09MB0793; BCL:0; PCL:0; RULEID:; SRVR:CY1PR09MB0793;
x-forefront-prvs: 0729050452
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(199003)(5423002)(189002)(51444003)(122556002)(76576001)(11100500001)(81156007)(5004730100002)(5002640100001)(101416001)(189998001)(86362001)(5001960100002)(2501003)(107886002)(230783001)(76176999)(54356999)(5007970100001)(50986999)(40100003)(2900100001)(102836002)(2950100001)(5001770100001)(77096005)(92566002)(5008740100001)(97736004)(10400500002)(64706001)(87936001)(66066001)(46102003)(106116001)(105586002)(74316001)(99286002)(2201001)(106356001)(33656002)(5003600100002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR09MB0793; H:CY1PR09MB0793.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Oct 2015 23:20:42.9055 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR09MB0793
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/cRXmbV0j5B603Y-NsoJrwOdMvwk>
Subject: Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-overview ENDING: 10/21/2015)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Oct 2015 23:21:06 -0000

>I think that this is a specific corner case for the more generic case of incremental 
>deployment, where a given path has some routers/ASNs that support BGPSec 
>and some that do not, and as far as I can tell, incremental deployment isn't really 
>discussed as a concept beyond the [non]negotiation of support between peers.

We did talk about the concept of BGPsec islands in [draft-sriram-bgpsec-design-choices].

"6.3.2.  Discussion

   During partial deployment, there will be BGPSEC islands as a result
   of this approach to incremental deployment.  Updates that originate
   within a BGPSEC island will generally propagate with signed AS paths
   to the edges of that island."

A natural consequence of the [non]negotiation of support between peers,
is the formation of BGPsec islands. 
That is indeed how incremental deployment would look like.
We should expand on the discussion there to add that as BGPsec adoption grows,
the islands will expand outward (subsuming non-BGPsec portions of the Internet)
and/or pairs of islands may join together to form larger BGPsec islands.   

>There is a discussion in 6.4 of Sriram's design-choices doc, but I think it's incomplete 
>since it only discusses it in terms of it being unacceptable to sign updates that it can't verify.

"unacceptable to sign updates that it can't verify" -- I don't read that in Section 6.4. 

"6.4.1.  Decision

   It was decided that partial path signing in BGPSEC will not be
   allowed.  A BGPSEC update must be fully signed, i.e., each AS in the
   AS-PATH must sign the update.  So in a signed update there must be a
   signature corresponding each AS in the AS path."

>Put differently: "I have no idea whether the people before Randy were 
>telling the truth, but I can assert that Randy, Sandy, Chris, Matt, and Rob 
>all verifiably told the truth about their part of the path when they 
>sent the route to me." I think maybe that has some value in an incremental model, 
>but if it doesn't (or is sufficiently difficult to implement as to 
>negate the potential benefit), we should explain why.

The AS that you named Randy could be a bad actor,
and may have changed the AS path segment before it 
(dropped some ASes, reduced AS prepends, etc.).
Imagine Rob receives another update for the same NLRI that is completely unsigned,
and it has a path via Wes, Chris, and Jeff.
Let us say both updates pass origin validation. 
Should Rob trust the partially-singed update via Randy, Sandy, Chris, and  Matt,
or should he trust the completely unsigned latter update?
If Rob gives priority to partially-signed path over completely unsigned path,
there is potential for trouble (as in the example above).
Then what is the use of partially signed updates? 
That the was kind of reasoning why the design decision was made not to allow
partially signed paths. This reasoning is outlined in Section 6.4.2 of the 
design choices doc, but certainly the explanation can be further improved.

Thank you.

Sriram

v2.23.0 | Report a Bug | By Email