Re: [sidr] Key learning procedures in BGPsec?
Stephen Kent <kent@bbn.com> Wed, 18 January 2012 19:43 UTC
Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6351B11E80AD for <sidr@ietfa.amsl.com>; Wed, 18 Jan 2012 11:43:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.299
X-Spam-Level:
X-Spam-Status: No, score=-106.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_42=0.6, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iVzysVYBPBnz for <sidr@ietfa.amsl.com>; Wed, 18 Jan 2012 11:42:59 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id B64BD11E8073 for <sidr@ietf.org>; Wed, 18 Jan 2012 11:42:59 -0800 (PST)
Received: from dhcp89-089-066.bbn.com ([128.89.89.66]:49310) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1RnbPN-000E9j-M5; Wed, 18 Jan 2012 14:42:58 -0500
Mime-Version: 1.0
Message-Id: <p06240806cb3cd066c995@[128.89.89.66]>
In-Reply-To: <13269421-8A36-4628-9F1A-30E02B922AE1@verisign.com>
References: <13269421-8A36-4628-9F1A-30E02B922AE1@verisign.com>
Date: Wed, 18 Jan 2012 14:41:52 -0500
To: Eric Osterweil <eosterweil@verisign.com>
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: "sidr@ietf.org list" <sidr@ietf.org>
Subject: Re: [sidr] Key learning procedures in BGPsec?
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jan 2012 19:43:00 -0000
At 6:36 PM -0500 1/17/12, Eric Osterweil wrote: >... >2 - How do we envision the process of an AS getting its own private >key information installed on all of its routers?* Without _these_, >updates cannot be signed... BGPSEC allows for a per-AS key pair or a per-router key pair.or anything in between. Thus, if an AS has routers in locations that the AS operator considers physically insecure, it can choose to have those routers be individually keyed, while having a shared key pair for other routers. Yes, this design may require routers to have access to a fairly large number of PUBLIC keys for routers/ASes. Steve
- [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Murphy, Sandra
- Re: [sidr] Key learning procedures in BGPsec? Tim Bruijnzeels
- Re: [sidr] Key learning procedures in BGPsec? Sriram, Kotikalapudi
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Murphy, Sandra
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Eric Osterweil
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Brian Dickson
- Re: [sidr] Key learning procedures in BGPsec? Murphy, Sandra
- Re: [sidr] Key learning procedures in BGPsec? Brian Dickson
- Re: [sidr] Key learning procedures in BGPsec? Murphy, Sandra
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Brian Dickson
- Re: [sidr] Key learning procedures in BGPsec? Richard Barnes
- Re: [sidr] Key learning procedures in BGPsec? Brian Dickson
- Re: [sidr] Key learning procedures in BGPsec? Brian Dickson
- Re: [sidr] Key learning procedures in BGPsec? Ross.Anderson@cl.cam.ac.uk
- Re: [sidr] Key learning procedures in BGPsec? Richard Barnes
- [sidr] Key learning procedures in BGPsec? Ross Anderson
- Re: [sidr] Key learning procedures in BGPsec? Murphy, Sandra
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Brian Dickson
- Re: [sidr] Key learning procedures in BGPsec? Stephen Kent
- Re: [sidr] Key learning procedures in BGPsec? Murphy, Sandra
- Re: [sidr] Key learning procedures in BGPsec? Brian Dickson