Re: [sidr] Burstiness of BGP updates

Shankar K A <shankar.k.a@ericsson.com> Wed, 16 November 2011 04:06 UTC

Return-Path: <shankar.k.a@ericsson.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7421111E8194 for <sidr@ietfa.amsl.com>; Tue, 15 Nov 2011 20:06:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pbjyPAgU6IaW for <sidr@ietfa.amsl.com>; Tue, 15 Nov 2011 20:06:37 -0800 (PST)
Received: from mailgw9.se.ericsson.net (mailgw9.se.ericsson.net [193.180.251.57]) by ietfa.amsl.com (Postfix) with ESMTP id 02A3C11E811C for <sidr@ietf.org>; Tue, 15 Nov 2011 20:06:36 -0800 (PST)
X-AuditID: c1b4fb39-b7b3eae00000252a-c5-4ec336cabe4c
Received: from esessmw0237.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw9.se.ericsson.net (Symantec Mail Security) with SMTP id 27.FB.09514.AC633CE4; Wed, 16 Nov 2011 05:06:35 +0100 (CET)
Received: from ESESSCMS0358.eemea.ericsson.se ([169.254.1.199]) by esessmw0237.eemea.ericsson.se ([153.88.115.90]) with mapi; Wed, 16 Nov 2011 05:06:34 +0100
From: Shankar K A <shankar.k.a@ericsson.com>
To: Jakob Heitz <jakob.heitz@ericsson.com>, Russ White <russw@riw.us>
Date: Wed, 16 Nov 2011 05:06:29 +0100
Thread-Topic: [sidr] Burstiness of BGP updates
Thread-Index: AcykEGqCWd1q2OPJTTWI4m04Lo8GEwAABrygAADal2A=
Message-ID: <E2D346C7800D704DB41ED19D90434DA6320C15DF93@ESESSCMS0358.eemea.ericsson.se>
References: <D7A0423E5E193F40BE6E94126930C49308E9E35567@MBCLUSTER.xchange.nist.gov> <7309FCBCAE981B43ABBE69B31C8D21391A45A1F85D@EUSAACMS0701.eamcs.ericsson.se> <m2fwhqeq5i.wl%randy@psg.com> <CCE759E6-BEA6-433B-957A-6559C67BAD52@ericsson.com> <DCC302FAA9FE5F4BBA4DCAD4656937791452387941@PRVPEXVS03.corp.twcable.com> <7309FCBCAE981B43ABBE69B31C8D21391A45A1FE9F@EUSAACMS0701.eamcs.ericsson.se> <DCC302FAA9FE5F4BBA4DCAD4656937791452387978@PRVPEXVS03.corp.twcable.com> <7309FCBCAE981B43ABBE69B31C8D21391A45A1FEC8@EUSAACMS0701.eamcs.ericsson.se> <4EC3125D.4000309@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A2061F@EUSAACMS0701.eamcs.ericsson.se> <4EC329C6.4090600@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A2062E@EUSAACMS0701.eamcs.ericsson.se> <4EC32EBE.6030106@riw.us> <7309FCBCAE981B43ABBE69B31C8D21391A45A20633@EUSAACMS0701.eamcs.ericsson.se>
In-Reply-To: <7309FCBCAE981B43ABBE69B31C8D21391A45A20633@EUSAACMS0701.eamcs.ericsson.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAA==
Cc: "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] Burstiness of BGP updates
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Nov 2011 04:06:41 -0000

I would prefer signed updated over unsigned updates as Jakob suggested.
But strictly speaking, IMO we should only accept signed updates, because it's the number of AS that we add in the update that we are protecting.
By accepting unsigned update we may accept unprotected path information. 

- Shankar K A

-----Original Message-----
From: sidr-bounces@ietf.org [mailto:sidr-bounces@ietf.org] On Behalf Of Jakob Heitz
Sent: Wednesday, November 16, 2011 9:08 AM
To: Russ White
Cc: sidr@ietf.org
Subject: Re: [sidr] Burstiness of BGP updates

> -----Original Message-----
> From: Russ White [mailto:russw@riw.us]
> Sent: Tuesday, November 15, 2011 7:32 PM
> To: Jakob Heitz
> Cc: sidr@ietf.org
> Subject: Re: [sidr] Burstiness of BGP updates
> 
> 
> > The only utility I can see is in protecting reachability.
> > The only problem I can imagine with installing an unsigned route
> is
> > that the destination becomes unreachable. If it was unreachable to 
> > begin with, no harm is done.
> 
> When you're protecting reachability, what are you protecting?
> Whether or not someone can reach something. I assume that the 
> "something" you're trying to protect reachability to would/must 
> include things where you enter your password.
> 
> Hence, I look at this entire problem a little differently than simply 
> trying to enforce a small subset of policies, or as a theoretical 
> exercise... If we can't prevent real world consequences with this 
> work, then --why are we doing it?

We are doing it to protect reachability.

We are not protecting your password in clear text on the internet.

--
Jakob Heitz. x25475. 510-566-2901

_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr