Re: [Sidr] [OPSEC] pccw as17557 leak...

"Vishwas Manral" <> Tue, 04 March 2008 16:01 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id EA17628C699; Tue, 4 Mar 2008 08:01:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.666
X-Spam-Status: No, score=-0.666 tagged_above=-999 required=5 tests=[AWL=-0.229, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id k1gi4ccpjvCB; Tue, 4 Mar 2008 08:01:48 -0800 (PST)
Received: from (localhost []) by (Postfix) with ESMTP id 6FEE128C5AF; Tue, 4 Mar 2008 08:00:39 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1F1913A6A80 for <>; Tue, 4 Mar 2008 08:00:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4YT2aqvaEKEN for <>; Tue, 4 Mar 2008 08:00:32 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id D3A4328C650 for <>; Tue, 4 Mar 2008 07:59:50 -0800 (PST)
Received: by with SMTP id i36so740773gve.15 for <>; Tue, 04 Mar 2008 07:59:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=CmQsPS+7OVCXoNo+J60mpvILcChLxXb+NhnMeHI2lvk=; b=jcJfV5qLYSAxUxNQcbdDYz18jN51Xze08qMi/8gxwlYHRbCSpaKYQRrHv0XiMhOg4rr5MxMSuHBLBUWzSB4in93oh0SRTRXs6kFHQJHZeud23WbVwDkPZLlYZJD0/xYdgqGyDYdq8/N00MmYwHCd/DZbAhZn9XITQ5ojWQs1BKM=
DomainKey-Signature: a=rsa-sha1; c=nofws;; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=E9pdqV2PF5xqwmb1B5BSyZKIBXv3B40ESj8lSWe1WnPbDbpvg55gD4VQbZAOvie5CrdCZ0/R0Yf7rZnUHNopl1tLzqtmitVvj14e5GxhEQmkz3DLffhO8q/5cTLvu4YNaVnmRUIrkpuwLdpV2+l4VXgAnJxG7Ua5MtqdpEuSHmE=
Received: by with SMTP id d2mr539564wfe.219.1204646379295; Tue, 04 Mar 2008 07:59:39 -0800 (PST)
Received: by with HTTP; Tue, 4 Mar 2008 07:59:39 -0800 (PST)
Message-ID: <>
Date: Tue, 04 Mar 2008 07:59:39 -0800
From: Vishwas Manral <>
To: Joe Abley <>
In-Reply-To: <>
MIME-Version: 1.0
Content-Disposition: inline
References: <> <> <> <> <> <> <> <> <> <>
Cc: opsec wg mailing list <>,
Subject: Re: [Sidr] [OPSEC] pccw as17557 leak...
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Secure Interdomain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hi Joe,

If you saw the mail exchange between Sandra and I, you will notice she
mentioned the reason they have to go ahead with SIDR even though we
have tools available from RIPE. What I have been trying to do is to
figure out weaknesses. in the current infrastructure to get a secure
behavior. As a first step I found out this weakness and updated RIPE/
Daniel about the same.

As we discussed earlier SIDR does not provide a totally secure
infrastructure. The point here is that SIDR is giving some very basic
improvements in the security, generally in the non-malicious case. The
idea is can we get a similar security with the current infrastructure,
by doing minor improvements. There is a certain cost involved with the
SIDR infrastructure.

I do not think the SSL channel has not been done because it is
unnecessary. I guess there hasn't been an attack on that side of the
infrastructure yet, but these are well known issues/ attacks in other


On Tue, Mar 4, 2008 at 7:43 AM, Joe Abley <> wrote:
>  On 4-Mar-2008, at 10:36, Vishwas Manral wrote:
>  > To further explain it. In my view SSL is the right protocol for this
>  > kind of transaction (we could use IPSec with BTNS too though). As the
>  > idea is to get the information from the right server, the client
>  > itself could be any one.
>  That seems like a feasible band-aid over the deficiencies of the
>  existing service, although it's clearly no panacea. It also has the
>  practical problem that existing scripts that use whois would need
>  modification, although the whois "protocol" and client are so trivial
>  that it would presumably be straightforward for someone to implement a
>  change to the (say) BSD client to implement an SSL wrapper with server-
>  side certificate verification.
>  Allowing the integrity of the data itself to be trusted (e.g. using
>  the resource certification work) seems like a more appropriate
>  direction than worrying about the security of data retrieval, though,
>  which perhaps explains why SSL-wrapping whois has not already been
>  done by anybody.
>  Joe
Sidr mailing list