IETF Logo Mail Archive

Re: [sidr] BGPSEC Threat Model ID

Stephen Kent <kent@bbn.com> Wed, 09 November 2011 21:51 UTC

Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D077311E80B0 for <sidr@ietfa.amsl.com>; Wed, 9 Nov 2011 13:51:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.452
X-Spam-Level:
X-Spam-Status: No, score=-106.452 tagged_above=-999 required=5 tests=[AWL=0.147, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T-s-m+ptghcy for <sidr@ietfa.amsl.com>; Wed, 9 Nov 2011 13:51:09 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 52B1411E8080 for <sidr@ietf.org>; Wed, 9 Nov 2011 13:51:09 -0800 (PST)
Received: from dhcp89-089-006.bbn.com ([128.89.89.6]:49163) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1ROG2d-0006io-RV; Wed, 09 Nov 2011 16:50:45 -0500
Mime-Version: 1.0
Message-Id: <p0624080ecae08ff21cee@[128.89.89.6]>
In-Reply-To: <60C11709-5D46-474A-A4DB-ADE0675E73D8@apnic.net>
References: <E96517DD-BAC7-4DD8-B345-562F71788C6A@tcb.net> <p06240807cad42f85eb7d@193.0.26.186> <32744.216.168.239.87.1320175657.squirrel@webmail.tcb.net> <p06240801cad6ab773279@193.0.26.186> <D9A38669-883D-4090-9F95-BC5C63220950@tcb.net> <p06240801cad800485596@193.0.26.186> <EEBF68E0-FAD9-4AF3-B81B-78760D200D9B@tcb.net> <p06240808cad85ff73d61@193.0.26.186> <080F8FFF-D2C7-4414-B53A-233F88D2009F@vpnc.org> <CAFU7BATC-6DUDNuadakwSa5wj0ryy0=49=XveBXD5Wv=5JL-ag@mail.gmail.com> <m2aa8c489s.wl%randy@psg.com> <53FA9B4A-552C-4998-8F69-592A0F5AA13B@verisign.com> <CAL9jLaZj1wcmDnbm1f9=csUv2Uuq_w3rS6UEYmUHAQDPWT9zFg@mail.gmail.com> <m262iz2xl8.wl%randy@psg.com> <A2661B25-CC2E-44E4-93CE-5AFE4F67E4DA@verisign.com> <m2pqh71hdz.wl%randy@psg.com> <10A3F6FD-1392-4E6E-A048-A8EED1E8C329@apnic.net> <p06240806caddeb4faae0@[128.89.89.6]> <60C11709-5D46-474A-A4DB-ADE0675E73D8@apnic.net>
Date: Wed, 09 Nov 2011 15:18:19 -0500
To: Geoff Huston <gih@apnic.net>
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] BGPSEC Threat Model ID
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Nov 2011 21:51:09 -0000

At 6:56 AM +1100 11/10/11, Geoff Huston wrote:
>...
>I did not claim it existed - I merely disagreed with the claim of its
>impossibility of existence.

OK.

>In the same way that the only way you can eliminate the "unknown" validation
>outcome is to achieve universal adoption of the generation of credentials,
>the general visibility of intent relies on universal adoption on the 
>generation
>of routing policy. It is not impossible per se, it just relies on 
>universal adoption!

agreed.

>In the case of the efforts relating to RPSL, reality has not 
>achieved such targets
>of universal adoption, as you point out.

OK.

>In the case of the efforts relating to the BGP security mechanisms 
>you are working
>on, it is an open issue as to how many folk would adopt it, but our 
>experiences
>of other technologies, including 4 byte ASN support indicate that universal
>adoption is an extremely challenging objective.

no argument.

Thanks for the thoughtful, detailed reply.

Steve

v2.23.0 | Report a Bug | By Email