Re: [sidr] Key learning procedures in BGPsec?

[Eric Osterweil <eosterweil@verisign.com>]

On Jan 18, 2012, at 4:11 AM, Tim Bruijnzeels wrote:

> Hi,
> 
> On Jan 18, 2012, at 12:36 AM, Eric Osterweil wrote:
>> 2 - How do we envision the process of an AS getting its own private key information installed on all of its routers?*  Without _these_, updates cannot be signed...
> 
> I don't know for a fact, but I expect that the router key pair is created on the router itself. The private key never leaves it, but the public key can be exported so that it can be put on a (EE?) certificate signed by the holder of the AS.

I think this is one of the things that I was afraid of (though I may still be in the weeds).  If (on one extreme) every router in an AS creates its own pub/priv key pair, then an AS w/ ~10^3 routers will need to publish ~10^3 keys, and consuming/verifying routers will need to have ~10^3 public keys in their extended memory hierarchies to verify any possible prefix/signature combination.  It sounds like we may need routers to manage key sets on the order of the number of _routers_ in the global routing system rather than the number of ASes in order to be able to verify all of crypto sigs that may be encountered on updates...

> 
> I have to admit though that I am not fully up to speed with all the bgpsec documents, it's somewhere on my todo list, but my main focus here has been on publication and validation related matters, not so much bgp and router..

Understood.  I have not ruled out the possibility that my confusion stems from not being current enough with one of the drafts that happens to address this... Though, I wonder if that is also a point worth making.  Maybe there are just too many drafts, and that needs to be addressed? ;)

Eric