Re: [sidr] BGPSEC Threat Model ID
Christopher Morrow <morrowc.lists@gmail.com> Fri, 04 November 2011 21:07 UTC
Return-Path: <christopher.morrow@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 385AC21F8AF3 for <sidr@ietfa.amsl.com>; Fri, 4 Nov 2011 14:07:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.528
X-Spam-Level:
X-Spam-Status: No, score=-103.528 tagged_above=-999 required=5 tests=[AWL=0.071, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Imn3Oo87wWE for <sidr@ietfa.amsl.com>; Fri, 4 Nov 2011 14:07:06 -0700 (PDT)
Received: from mail-iy0-f172.google.com (mail-iy0-f172.google.com [209.85.210.172]) by ietfa.amsl.com (Postfix) with ESMTP id 2431821F8AE6 for <sidr@ietf.org>; Fri, 4 Nov 2011 14:07:06 -0700 (PDT)
Received: by iaeo4 with SMTP id o4so3892192iae.31 for <sidr@ietf.org>; Fri, 04 Nov 2011 14:07:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=mLjIgtGrKkVgmEeFc6u5dNefz/XzBPUoaVM3o/Pvnbc=; b=YfQs/LfSB0SRJLr36IFW108/7/W8Q0kRZufEF6rovdAvDwKc5oH5WcwRKKD5Uxwtpa eScsiM2H29cIqb0NBzkyEBMOX5uJbgn2GIUHmZ9uk9fShGChQdETLGpn7ZSUSqcCAhjF EVvCo5AbV7GKUbilry5g21muv1wLv6clWSBLo=
MIME-Version: 1.0
Received: by 10.231.68.20 with SMTP id t20mr4290529ibi.18.1320440825770; Fri, 04 Nov 2011 14:07:05 -0700 (PDT)
Sender: christopher.morrow@gmail.com
Received: by 10.231.202.142 with HTTP; Fri, 4 Nov 2011 14:07:05 -0700 (PDT)
In-Reply-To: <53FA9B4A-552C-4998-8F69-592A0F5AA13B@verisign.com>
References: <E96517DD-BAC7-4DD8-B345-562F71788C6A@tcb.net> <p06240807cad42f85eb7d@193.0.26.186> <32744.216.168.239.87.1320175657.squirrel@webmail.tcb.net> <p06240801cad6ab773279@193.0.26.186> <D9A38669-883D-4090-9F95-BC5C63220950@tcb.net> <p06240801cad800485596@193.0.26.186> <EEBF68E0-FAD9-4AF3-B81B-78760D200D9B@tcb.net> <p06240808cad85ff73d61@193.0.26.186> <080F8FFF-D2C7-4414-B53A-233F88D2009F@vpnc.org> <CAFU7BATC-6DUDNuadakwSa5wj0ryy0=49=XveBXD5Wv=5JL-ag@mail.gmail.com> <m2aa8c489s.wl%randy@psg.com> <53FA9B4A-552C-4998-8F69-592A0F5AA13B@verisign.com>
Date: Fri, 04 Nov 2011 17:07:05 -0400
X-Google-Sender-Auth: Pa-tpK9GvzG8HrzSlAivIxWmp9s
Message-ID: <CAL9jLaZj1wcmDnbm1f9=csUv2Uuq_w3rS6UEYmUHAQDPWT9zFg@mail.gmail.com>
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Eric Osterweil <eosterweil@verisign.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] BGPSEC Threat Model ID
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Nov 2011 21:07:08 -0000
On Fri, Nov 4, 2011 at 3:05 PM, Eric Osterweil <eosterweil@verisign.com> wrote: > > This is a list of three questions. Until there is discussion of the first, it is premature to address the second two. Therefore, how about we just choose a specific case of the first: how would BGPSec protect against an instance of an event found here: > http://puck.nether.net/bgp/leakinfo.cgi > I'm not randy, but I was talking about this very thing in the office today with a co-worker... I'm not clear on how anything can stop an instance like: src time prefix puck 2011-11-04 16:15:49.157742 8.10.160.0/23 path 2914 2828 12989 12189 3356 19181 19181 19181 Contact score blame_asn 2828 3 12989 As I read this, 12989 (highwind) is 'accidentally' announcing reachability for 8.10.160.0/23 (CWIE? AS19181). Looking at one popular source of routing data: <http://www.robtex.com/as/as19181.html> it actually seems that the 2 people may be peers :( the route that we see is merely an artifact of their connectivity and 'poor route selection' inside their networks :( Point being that in cases like this (or really all route leak cases) the only thing that stops this is filtering routes between bgp peers. (transits, customers, SFP peers) There isn't anything in the protocol itself (which is Stephen's, Russ's, Randy's comment through out) that tells you/me/them that 12989 should not be permitted to announce this route. (looking at available data, it seems that they SHOULD, perhaps not with this ASPath, but...) How would you go about telling, from the data on the wire in bgp, that a route is a hijack? How would you propose changing the data on the wire in bgp today to do this tomorrow? Would having data you could mechanically verify about the routes and origins and relationships (say connectivity only?) between bgp peers help solve this problem? In my view I don't see a change to the BGP wire format helping, I do see existence of data to mechanically verify ownership (and perhaps connectivity information?) helping. -chris
- [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Paul Hoffman
- Re: [sidr] BGPSEC Threat Model ID George, Wes
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID George, Wes
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Jen Linkova
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Sriram, Kotikalapudi
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Jakob Heitz
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Eric Osterweil
- Re: [sidr] BGPSEC Threat Model ID Randy Bush
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Shane Amante
- Re: [sidr] BGPSEC Threat Model ID Christopher Morrow
- Re: [sidr] BGPSEC Threat Model ID Geoff Huston
- Re: [sidr] BGPSEC Threat Model ID Jakob Heitz
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Russ White
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Brian Dickson
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Geoff Huston
- Re: [sidr] BGPSEC Threat Model ID Stephen Kent
- Re: [sidr] BGPSEC Threat Model ID Danny McPherson