Re: [sidr] Burstiness of BGP updates
Russ White <russw@riw.us> Thu, 17 November 2011 04:27 UTC
Return-Path: <russw@riw.us>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B17B211E810E for <sidr@ietfa.amsl.com>; Wed, 16 Nov 2011 20:27:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.556
X-Spam-Level:
X-Spam-Status: No, score=-2.556 tagged_above=-999 required=5 tests=[AWL=0.043, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zAS5OQffY4je for <sidr@ietfa.amsl.com>; Wed, 16 Nov 2011 20:27:48 -0800 (PST)
Received: from ecbiz91.inmotionhosting.com (ecbiz91.inmotionhosting.com [173.205.124.250]) by ietfa.amsl.com (Postfix) with ESMTP id 2316211E80F5 for <sidr@ietf.org>; Wed, 16 Nov 2011 20:27:48 -0800 (PST)
Received: from cpe-065-190-155-146.nc.res.rr.com ([65.190.155.146]:53175 helo=[192.168.100.58]) by ecbiz91.inmotionhosting.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <russw@riw.us>) id 1RQtZi-0000es-3a; Wed, 16 Nov 2011 23:27:46 -0500
Message-ID: <4EC48D37.9050005@riw.us>
Date: Wed, 16 Nov 2011 23:27:35 -0500
From: Russ White <russw@riw.us>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: Stephen Kent <kent@bbn.com>
References: <D7A0423E5E193F40BE6E94126930C49308E9E35567@MBCLUSTER.xchange.nist.gov> <DCC302FAA9FE5F4BBA4DCAD4656937791452387978@PRVPEXVS03.corp.twcable.com> <7309FCBCAE981B43ABBE69B31C8D21391A45A1FEC8@EUSAACMS0701.eamcs.ericsson.se > <4EC3125D.4000309@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A2061F@EUSAACMS0701.eamcs.ericsson.se > <4EC329C6.4090600@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A2062E@EUSAACMS0701.eamcs.ericsson.se > <4EC32EBE.6030106@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A20633@EUSAACMS0701.eamcs.ericsson.se > <E2D346C7800D704DB41ED19D90434DA6320C15DF93@ESESSCMS0358.eemea.ericsson.se > <4EC33E88.9090505@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A20649@EUSAACMS0701.eamcs.ericsson.se > <4EC459F0.9070200@riw.us> <CAL9jLabyymUZJRk44Z00UeQsxinN5D-05-7_htmRanYwi7ysvQ@mail.gmail.com> <4EC462E9.7090103@riw.us> <m2wraz4j68.wl%randy@psg.com> <4EC4684B.3030204@riw.us> <p0624080dcaea2dd3301a@[172.20.1.65]>
In-Reply-To: <p0624080dcaea2dd3301a@[172.20.1.65]>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - ecbiz91.inmotionhosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - riw.us
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] Burstiness of BGP updates
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Nov 2011 04:27:48 -0000
> Most security policies focus on aspects of system operation that are > perceived as "secruity critical." The WG charter articulates a security > policy, focusing on origin validation and path authenticity. These > aspects of routing security are visible and this avoid the more > problematic question of what the system "should look like." Path authenticity is a check of precisely what? What the AS Path should look like. Once you put timers in there, and then do lazy verification, and then do beacons, and then... You've left the realm of ensuring a received route has a "valid" AS Path from the perspective of what the AS Path should look like. It might have looked like that a week ago, but who knows what it should look like right now? As you even said: > The usual characterization of a secruity system is a set of mechanisms that > are intended to enforce a secruity policy. A policy is what someone, someplace, intends. What someone intends is simply an expression of "what the system should look like." You can't get away from intent. :-) Russ
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Sriram, Kotikalapudi
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Jakob Heitz
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Randy Bush
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Jakob Heitz
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … George, Wes
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Jakob Heitz
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … George, Wes
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Jakob Heitz
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Brian Dickson
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … George, Wes
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Russ White
- Re: [sidr] Burstiness of BGP updates (was: WGLC: … Jakob Heitz
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Jakob Heitz
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Jakob Heitz
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Shankar K A
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Christopher Morrow
- Re: [sidr] Burstiness of BGP updates Shankar K A
- Re: [sidr] Burstiness of BGP updates Jakob Heitz
- Re: [sidr] Burstiness of BGP updates Shankar K A
- Re: [sidr] Burstiness of BGP updates Brian Dickson
- Re: [sidr] Burstiness of BGP updates Christopher Morrow
- Re: [sidr] Burstiness of BGP updates Brian Dickson
- Re: [sidr] Burstiness of BGP updates Christopher Morrow
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Christopher Morrow
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Randy Bush
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Robert Raszuk
- Re: [sidr] Burstiness of BGP updates Randy Bush
- Re: [sidr] Burstiness of BGP updates Brian Dickson
- Re: [sidr] Burstiness of BGP updates Robert Raszuk
- Re: [sidr] Burstiness of BGP updates Randy Bush
- Re: [sidr] Burstiness of BGP updates Eric Osterweil
- Re: [sidr] Burstiness of BGP updates Randy Bush
- Re: [sidr] Burstiness of BGP updates Stephen Kent
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Russ White
- Re: [sidr] Burstiness of BGP updates Eric Osterweil
- Re: [sidr] Burstiness of BGP updates Randy Bush
- Re: [sidr] Burstiness of BGP updates Geoff Huston
- Re: [sidr] Burstiness of BGP updates Tony Tauber
- Re: [sidr] Burstiness of BGP updates Robert Raszuk
- Re: [sidr] Burstiness of BGP updates Tony Tauber
- Re: [sidr] Burstiness of BGP updates Robert Raszuk
- Re: [sidr] Burstiness of BGP updates Tony Tauber
- Re: [sidr] Burstiness of BGP updates Stephen Kent
- Re: [sidr] Burstiness of BGP updates Randy Bush
- Re: [sidr] Burstiness of BGP updates Jakob Heitz