Re: [sidr] Stephen Farrell's Discuss on draft-ietf-sidr-bgpsec-protocol-21: (with DISCUSS and COMMENT)
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 04 January 2017 21:45 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEEA31296F7; Wed, 4 Jan 2017 13:45:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.401
X-Spam-Level:
X-Spam-Status: No, score=-7.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-3.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qs8mbNz-nsml; Wed, 4 Jan 2017 13:45:24 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A29BF12941E; Wed, 4 Jan 2017 13:45:23 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 39C9CBE39; Wed, 4 Jan 2017 21:45:21 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id otHnNzDmSizR; Wed, 4 Jan 2017 21:45:19 +0000 (GMT)
Received: from [10.87.48.210] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 9B597BE38; Wed, 4 Jan 2017 21:45:18 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1483566319; bh=XbQ4IQ/DDwq4xIA9i+B87NvqgLR7vHnhZ+Hdey0N+BM=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=kvYb6FtLgohMhqKO63t+l3GdHldnNUcK7OVY6b2IQW9N/qbjwQ61lpZB61mwe6yTu vgOAAjQAGqK5qhFX2RIar7JD2I6H+b9i9J5wS1dt/10hkefi1civ0BU0QlJw06odAB eiorzY5uezrCC4klJACuJKoTL7RzEy95LL3Zo8+Q=
To: "Montgomery, Douglas (Fed)" <dougm@nist.gov>, Russ Housley <housley@vigilsec.com>
References: <148353798879.13011.5291414579598073386.idtracker@ietfa.amsl.com> <B659D894-672F-4059-A001-5C4D1D602470@vigilsec.com> <3ae7d707-3229-2508-7aeb-2cd617aa97fd@cs.tcd.ie> <D492BBD6.6F422%dougm@nist.gov> <f306df7c-06a0-0662-93f4-5cb984a8eb0e@cs.tcd.ie> <D492D3B6.6F4BE%dougm@nist.gov>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <f1c2f28f-c889-ee6d-e670-e8f977492946@cs.tcd.ie>
Date: Wed, 04 Jan 2017 21:45:18 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <D492D3B6.6F4BE%dougm@nist.gov>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms080702040900010903040100"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/oI_25NC84j1RUM35Bm4sI5r0F-I>
Cc: IESG <iesg@ietf.org>, IETF SIDR <sidr@ietf.org>
Subject: Re: [sidr] Stephen Farrell's Discuss on draft-ietf-sidr-bgpsec-protocol-21: (with DISCUSS and COMMENT)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2017 21:45:27 -0000
Hiya, On 04/01/17 21:39, Montgomery, Douglas (Fed) wrote: > The RPKI validating caches *are* the relaying parties for BGPsec, they are > (a) designed to be run on a separate box than the router itself and (b) > their behavior WRT exchanges with RPKI repositories is independent of BGP > message processing by any of the routers that they serve. Sure. That makes sense. But where's it stated for BGPsec that the RP ought act that way? Cheers, S. > > Maybe the first few sections of https://tools.ietf.org/html/rfc6810 would > make that point better than my mumblings. > > e.g., For various research / measurement reasons we run 3 different > validating caches that don’t serve a single BGP router. Their exchanges > with the repositories are no different than if they served a DFZ BGP > router. > > Dougm > > > > — > Doug Montgomery, Mgr Internet & Scalable Systems Research at NIST/ITL/ANTD > > > > > > On 1/4/17, 3:48 PM, "Stephen Farrell" <stephen.farrell@cs.tcd.ie> wrote: > >> >> Hiya, >> >> On 04/01/17 20:00, Montgomery, Douglas (Fed) wrote: >>> Stephen, >>> >>> If I understand your question, I don’t think one can infer anything >>> about >>> the BGP feeds or route selection processes of an AS based upon the >>> traffic >>> a validating cache sends to RPKI repositories. >> >> Is that the same traffic a BGPsec relying party sends? >> >> I can imagine that it might or might not be, but don't >> recall the BGPsec spec saying. >> >> If, in fact, it isn't possible to infer which ASes are >> likely to be used from the traffic emitted by an RP >> for PKI purposes, then yes, this discuss point goes >> away. (I think:-) >> >> Cheers, >> S. >> >>> >>> The design of RPKI validating caches (and all implementations that I >>> know >>> of) prefetch and validate RPKI objects independent of BGP traffic >>> processing. That is, they are background processing the entire RPKI, >>> and >>> are not event driven by BGP traffic. As a matter of fact, the RPKI >>> validating cache’s are typically on systems that have no reason to >>> implement BGP at all. >>> >>> Also the RPKI-to-Rtr protocol between the cache and router is batch >>> driven >>> (roughly) by the validation process, not BGP event driven. >>> >>> I.e., the RPKI traffic to a validating cache in an AS with no BGP feeds >>> and one with full BGP feeds is the same, and both independent of BGP >>> event >>> processing. >>> >>> If that was not the supposition of your question … please ignore. >>> dougm >>> >>> >>> >>> >>> — >>> Doug Montgomery, Mgr Internet & Scalable Systems Research at >>> NIST/ITL/ANTD >>> >>> >>> >>> >>> >>> On 1/4/17, 2:33 PM, "sidr on behalf of Stephen Farrell" >>> <sidr-bounces@ietf.org on behalf of stephen.farrell@cs.tcd.ie> wrote: >>> >>>> >>>> >>>> On 04/01/17 19:24, Russ Housley wrote: >>>>> >>>>>> >>>>>> ---------------------------------------------------------------------- >>>>>> >>>>>> >>>> DISCUSS: >>>>>> >>>>>> ---------------------------------------------------------------------- >>>>>> >>>>>> >>>>>> >>>> I have a couple of fairly straightforward things I'd >>>>>> like to briefly discuss... >>>>>> >>>>>> [snip] >>>>>> >>>>>> (3) section 8: Is there a potential exposure here in that a relying >>>>>> party who emits e.g. certificate status checks or cert retrieval >>>>>> queries for an RPKI cert they've not previously seen is exposing >>>>>> something about the set of paths its traffic is likely to follow. >>>>>> (This is similar to why we have OCSP stapling in the web.) IIRC the >>>>>> RPKI specs may cover this but I suspect it'd be worth noting here >>>>>> as well even if so as this represents exposing something about BGP >>>>>> announcement content to off-path parties which I think is new for >>>>>> BGP. Is that a new thing for BGP? (I think the new aspect to the >>>>>> attack is that a bad actor who has already compromised some AS >>>>>> could more easily spot that traffic from the relying party's AS is >>>>>> likely to transit the compromised AS.) >>>>> >>>>> I am not sure what you mean by a "compromised AS,” but it may not >>>>> matters … >>>> >>>> More or less if traffic to/from ASxxxx is visible to an >>>> attacker and/or can be modified by an attacker. That could >>>> be due to collusion between the AS and an attacker for >>>> example, or because an attacker has compromised some routers >>>> within a transit AS. >>>> >>>>> >>>>> If a link goes down, >>>> >>>> I'm not sure this is only if a link goes down. I'd guess the same >>>> risk would exist when any BGPsec path is first seen at a relying >>>> party and where that RP doesn't have all the necessary RPKI stuff >>>> cached before signature validation. >>>> >>>> . and that causes an alternative path to be >>>>> selected, that forces the validation a new path which might involve a >>>>> previously unvalidated AS. If an OCSP responder or repository that >>>>> provides RPKI objects is contacted as part of that validation, then >>>>> some external entities can detect that something is changing. That >>>>> is, stuff not normally validated because it is associated with a >>>>> unselected path gets fetched. >>>> >>>> Right. Sorry to not be clearer on what might become visible to >>>> the network outside the RP's AS - I'm afraid I just don't have all >>>> the RPKI details in my head;-) >>>> >>>>> >>>>> That said, the NOC could fetch a snapshot of the RPKI, then the >>>>> exposure of the switch to a new path can be limited to that AS. This >>>>> assumes that the snapshot uses CRLs, which seems like a very >>>>> reasonable choice in the RPKI. >>>> >>>> Right, I think all that'd be needed for this would be to ack that >>>> there's this (normally fairly minor) new risk and that you can >>>> avoid it if you pre-fetch enough stuff. (As a separate question, >>>> I wonder if the amount of stuff involved in the RPKI is such that >>>> it'd be fairly easy to pre-fetch it all frequently enough to >>>> nearly never hit this problem.) >>>> >>>> Cheers, >>>> S. >>>> >>>>> >>>>> Russ >>>>> >>>> >>> >> >
- [sidr] Stephen Farrell's Discuss on draft-ietf-si… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sean Turner
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Russ Housley
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Mehmet Adalier (Antara Teknik)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Montgomery, Douglas (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Montgomery, Douglas (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Sriram, Kotikalapudi (Fed)
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [sidr] Stephen Farrell's Discuss on draft-iet… Randy Bush