Re: [sidr] Stephen Farrell's Discuss on draft-ietf-sidr-bgpsec-protocol-21: (with DISCUSS and COMMENT)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 04 January 2017 20:48 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7F241295DB; Wed, 4 Jan 2017 12:48:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.401
X-Spam-Level:
X-Spam-Status: No, score=-7.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-3.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g-ECvodoKFzO; Wed, 4 Jan 2017 12:48:06 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F08F9129428; Wed, 4 Jan 2017 12:48:05 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id A5A4CBE47; Wed, 4 Jan 2017 20:48:04 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0cvses2CebML; Wed, 4 Jan 2017 20:48:03 +0000 (GMT)
Received: from [10.87.48.210] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 7133CBE3E; Wed, 4 Jan 2017 20:48:02 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1483562883; bh=Hnd/a8qUjGTZZ0a/zL7r0+jHs0sJMtYjy+hDPrwQ1jM=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=sBa4veHVyLm/B1FWVhQFVJ5dNvdDkKZq6+16Tc9xPB1xZ7cE2bsQmBfwiiZOI/lsj 3cprsrRMF2BCAW7KzEhd3Ak/mhhvkj8PZLsZxv/5SjBfGjYlcaK+7K6g0YNmTKlMku FlKNmPC8zRA0TJrHP9YHUaSRN5c4YIPPtPW7N/I4=
To: "Montgomery, Douglas (Fed)" <dougm@nist.gov>, Russ Housley <housley@vigilsec.com>
References: <148353798879.13011.5291414579598073386.idtracker@ietfa.amsl.com> <B659D894-672F-4059-A001-5C4D1D602470@vigilsec.com> <3ae7d707-3229-2508-7aeb-2cd617aa97fd@cs.tcd.ie> <D492BBD6.6F422%dougm@nist.gov>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <f306df7c-06a0-0662-93f4-5cb984a8eb0e@cs.tcd.ie>
Date: Wed, 04 Jan 2017 20:48:02 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <D492BBD6.6F422%dougm@nist.gov>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms090405050702050600080804"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/lSOBb3zomXRbciyxPaVGo_5lht4>
Cc: IESG <iesg@ietf.org>, IETF SIDR <sidr@ietf.org>
Subject: Re: [sidr] Stephen Farrell's Discuss on draft-ietf-sidr-bgpsec-protocol-21: (with DISCUSS and COMMENT)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2017 20:48:07 -0000
Hiya, On 04/01/17 20:00, Montgomery, Douglas (Fed) wrote: > Stephen, > > If I understand your question, I don’t think one can infer anything about > the BGP feeds or route selection processes of an AS based upon the traffic > a validating cache sends to RPKI repositories. Is that the same traffic a BGPsec relying party sends? I can imagine that it might or might not be, but don't recall the BGPsec spec saying. If, in fact, it isn't possible to infer which ASes are likely to be used from the traffic emitted by an RP for PKI purposes, then yes, this discuss point goes away. (I think:-) Cheers, S. > > The design of RPKI validating caches (and all implementations that I know > of) prefetch and validate RPKI objects independent of BGP traffic > processing. That is, they are background processing the entire RPKI, and > are not event driven by BGP traffic. As a matter of fact, the RPKI > validating cache’s are typically on systems that have no reason to > implement BGP at all. > > Also the RPKI-to-Rtr protocol between the cache and router is batch driven > (roughly) by the validation process, not BGP event driven. > > I.e., the RPKI traffic to a validating cache in an AS with no BGP feeds > and one with full BGP feeds is the same, and both independent of BGP event > processing. > > If that was not the supposition of your question … please ignore. > dougm > > > > > — > Doug Montgomery, Mgr Internet & Scalable Systems Research at NIST/ITL/ANTD > > > > > > On 1/4/17, 2:33 PM, "sidr on behalf of Stephen Farrell" > <sidr-bounces@ietf.org on behalf of stephen.farrell@cs.tcd.ie> wrote: > >> >> >> On 04/01/17 19:24, Russ Housley wrote: >>> >>>> ---------------------------------------------------------------------- >>>> >>>> >> DISCUSS: >>>> ---------------------------------------------------------------------- >>>> >>>> >>>> >> I have a couple of fairly straightforward things I'd >>>> like to briefly discuss... >>>> >>>> [snip] >>>> >>>> (3) section 8: Is there a potential exposure here in that a relying >>>> party who emits e.g. certificate status checks or cert retrieval >>>> queries for an RPKI cert they've not previously seen is exposing >>>> something about the set of paths its traffic is likely to follow. >>>> (This is similar to why we have OCSP stapling in the web.) IIRC the >>>> RPKI specs may cover this but I suspect it'd be worth noting here >>>> as well even if so as this represents exposing something about BGP >>>> announcement content to off-path parties which I think is new for >>>> BGP. Is that a new thing for BGP? (I think the new aspect to the >>>> attack is that a bad actor who has already compromised some AS >>>> could more easily spot that traffic from the relying party's AS is >>>> likely to transit the compromised AS.) >>> >>> I am not sure what you mean by a "compromised AS,” but it may not >>> matters … >> >> More or less if traffic to/from ASxxxx is visible to an >> attacker and/or can be modified by an attacker. That could >> be due to collusion between the AS and an attacker for >> example, or because an attacker has compromised some routers >> within a transit AS. >> >>> >>> If a link goes down, >> >> I'm not sure this is only if a link goes down. I'd guess the same >> risk would exist when any BGPsec path is first seen at a relying >> party and where that RP doesn't have all the necessary RPKI stuff >> cached before signature validation. >> >> . and that causes an alternative path to be >>> selected, that forces the validation a new path which might involve a >>> previously unvalidated AS. If an OCSP responder or repository that >>> provides RPKI objects is contacted as part of that validation, then >>> some external entities can detect that something is changing. That >>> is, stuff not normally validated because it is associated with a >>> unselected path gets fetched. >> >> Right. Sorry to not be clearer on what might become visible to >> the network outside the RP's AS - I'm afraid I just don't have all >> the RPKI details in my head;-) >> >>> >>> That said, the NOC could fetch a snapshot of the RPKI, then the >>> exposure of the switch to a new path can be limited to that AS. This >>> assumes that the snapshot uses CRLs, which seems like a very >>> reasonable choice in the RPKI. >> >> Right, I think all that'd be needed for this would be to ack that >> there's this (normally fairly minor) new risk and that you can >> avoid it if you pre-fetch enough stuff. (As a separate question, >> I wonder if the amount of stuff involved in the RPKI is such that >> it'd be fairly easy to pre-fetch it all frequently enough to >> nearly never hit this problem.) >> >> Cheers, >> S. >> >>> >>> Russ >>> >> >
- [sidr] Stephen Farrell's Discuss on draft-ietf-si… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sean Turner
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Russ Housley
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Mehmet Adalier (Antara Teknik)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Montgomery, Douglas (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Montgomery, Douglas (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Randy Bush