Re: [sidr] suggested amendment to draft-ymbk-bgpsec-reqs
Doug Montgomery <dougm.tlist@gmail.com> Fri, 01 April 2011 13:34 UTC
Return-Path: <dougm.tlist@gmail.com>
X-Original-To: sidr@core3.amsl.com
Delivered-To: sidr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4805C3A680F for <sidr@core3.amsl.com>; Fri, 1 Apr 2011 06:34:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.186
X-Spam-Level:
X-Spam-Status: No, score=-3.186 tagged_above=-999 required=5 tests=[AWL=0.186, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_SUB_OBFU_Q1=0.227]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yUQaGoTaXKzR for <sidr@core3.amsl.com>; Fri, 1 Apr 2011 06:34:56 -0700 (PDT)
Received: from mail-bw0-f44.google.com (mail-bw0-f44.google.com [209.85.214.44]) by core3.amsl.com (Postfix) with ESMTP id 9BF823A688A for <sidr@ietf.org>; Fri, 1 Apr 2011 06:34:13 -0700 (PDT)
Received: by bwz13 with SMTP id 13so2745191bwz.31 for <sidr@ietf.org>; Fri, 01 Apr 2011 06:35:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=B++sfg7vW3p/wVIzUlr+kW77KYnpvhRj6ZAr1ouLTOo=; b=B/PEx5vzABply7XuvblfC3jyiGyuRY5NkwTPbUzCZWNdFDo/I1EyJ2yjQi6IpbZEDn xh1x55gtn+3z5v2xrgI28x4K7nMrIaRK+dAlfSI0Wg2EBkOPqwJirIq7okmKJJgdzzEa CqBPWVjL01sZtqKSmTJgXBytG2lSwVAPHDvYo=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=OQWDLqubgI1huYt3kdLow8HgzkZtY3cF0DSl5KdTRw/jPNhDjY6UZYUifrVgvtGoIr /P8VtDdT51aPz1gRxNlplZ/QpLayDgZfG/GLwbuxAhXMbdgKeUFrRPHkFdJv8Zd0pN+T hNo90AufPBN4eSGk/WPLMn2WW1H5/0htqe4ss=
Received: by 10.204.8.141 with SMTP id h13mr1549062bkh.64.1301664953369; Fri, 01 Apr 2011 06:35:53 -0700 (PDT)
Received: from dhcp-151a.meeting.ietf.org (dhcp-151a.meeting.ietf.org [130.129.21.26]) by mx.google.com with ESMTPS id q24sm1407900bks.21.2011.04.01.06.35.51 (version=SSLv3 cipher=OTHER); Fri, 01 Apr 2011 06:35:52 -0700 (PDT)
Message-ID: <4D95D4B6.9050704@gmail.com>
Date: Fri, 01 Apr 2011 09:35:50 -0400
From: Doug Montgomery <dougm.tlist@gmail.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: sidr@ietf.org
References: <4D95C701.9010308@gmail.com>
In-Reply-To: <4D95C701.9010308@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [sidr] suggested amendment to draft-ymbk-bgpsec-reqs
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Apr 2011 13:34:58 -0000
On 4/1/11 8:37 AM, Andrei Robachevsky wrote: > Hi, > > I propose the inclusion of the following requirement: > > 3.x A BGPsec design should not decrease the performance characteristics > of the BGP, nor have a negative impact on the overall resilience of the > routing system. > "should not decrease" seems a bit literal and restrictive. One could argue that no addition of a feature that put more bits on the wire could meet that goal. Maybe the operative requirement is that the performance implications with respect to convergence be clearly defined (in an algorithmic sense (e.g., require 1 RSA/SHA verification per hop, and the addition of x bytes of new attributes per hop). Maybe some follow up bench marking of independent implementations in the protocol report later would further clarify the issue. All other characterizations of larger impacts on convergence will be based upon models ... and more speculative. As for resilience, I think it also key to document what factors might influence resilience issues of BGPSEC operations (e.g., distribution of global RPKI data, etc). One should also note that the goal of this protocol is to improve the resilience of the system ... ;^). As it stands now, BGPSEC is opt-in. So it seems that clearly documenting these issues is more operative than make absolute requirements about them. > Examples that I have in mind is the convergence time or a solution that > can make the global routing system more fragile (e.g. an expired > signature blacking out a significant part of the Internet). Perhaps that > should also be covered in the deployment considerations, since this > depends partly on local policy decisions. > > Andrei > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr >
- [sidr] suggested amendment to draft-ymbk-bgpsec-r… Andrei Robachevsky
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Doug Montgomery
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Sandra Murphy
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Danny McPherson
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Russ White
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Andrei Robachevsky
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Stephen Kent
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Randy Bush
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Andrei Robachevsky
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Randy Bush
- Re: [sidr] suggested amendment to draft-ymbk-bgps… Doug Montgomery