Re: [sidr] pCNT & prepending

"Montgomery, Douglas" <dougm@nist.gov> Thu, 28 July 2011 15:14 UTC

From: "Montgomery, Douglas" <dougm@nist.gov>
To: XIANG Yang <xiangy08@csnet1.cs.tsinghua.edu.cn>
Date: Thu, 28 Jul 2011 11:12:16 -0400
Message-ID: <D7A0423E5E193F40BE6E94126930C493087C7907AF@MBCLUSTER.xchange.nist.gov>
References: <3E7A5153-26C1-4974-9A1B-33AB92FCD657@tcb.net>, <CA+rW-LBMWPRYhK+Q7fhymKnvhYetroqBG0p=CvuN-OnysSK4QA@mail.gmail.com>
In-Reply-To: <CA+rW-LBMWPRYhK+Q7fhymKnvhYetroqBG0p=CvuN-OnysSK4QA@mail.gmail.com>
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] pCNT & prepending

Did your comment mean complete "AS removal" ... or defending against adding/removing pre-pends?

dougm

Doug Montgomery - Manager Internet and Scalable Systems Research Group / Information Technology Laboratory / NIST
________________________________________
From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] On Behalf Of XIANG Yang [xiangy08@csnet1.cs.tsinghua.edu.cn]
Sent: Thursday, July 28, 2011 11:11 AM
Cc: sidr wg list
Subject: Re: [sidr] pCNT & prepending

+1 support.
It's important to defend against the "AS removal" attack.
_____________________________________________________
Yang Xiang, PhD student, Tsinghua Univ., http://about.me/xiangyang



2011/7/28 Danny McPherson <danny@tcb.net>

Doug et al,
I like the general objective of pCNT and this seems a good idea to me. My only comment at the microphone was that if we add this for compression, then validation should require that pCNT MUST be equal to the number of _contiguous_ ASx appearances in the path (i.e., no more, no less, and only contiguous).

I do wonder if pCNT=0 for transparent route servers introduces the opportunity for some sort of downgrade attack of sorts..

-danny
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
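
The validation rule proposed in the thread (pCNT equal to the number of contiguous ASx appearances: no more, no less, only contiguous), sketched as an added example that is not part of the thread or of any draft. It assumes a simplified model: the received path is a list of ASNs with prepends expanded, each signing AS contributes one `(asn, pcnt)` pair in the same order, a pCNT=0 segment adds no entry to the path, and `route_servers` is a hypothetical local allowlist for the pCNT=0 case.

```python
from collections import Counter
from itertools import groupby

def check_pcnt(as_path, segments, route_servers=frozenset()):
    """Return a list of inconsistencies (empty list means the path passes).

    as_path       -- ASNs as received, prepends expanded, e.g. [65001, 65001, 65002]
    segments      -- (asn, pcnt) per signing AS, same order as as_path (assumed model)
    route_servers -- ASNs locally trusted to sign with pCNT=0 (assumed local policy)
    """
    problems = []
    # Collapse the received path into contiguous runs: [(asn, run_length), ...]
    runs = [(asn, len(list(group))) for asn, group in groupby(as_path)]

    # "Only contiguous": an AS that starts more than one run is split up.
    starts = Counter(asn for asn, _ in runs)
    problems += [f"AS{a}: appearances are not contiguous"
                 for a, n in starts.items() if n > 1]

    # pCNT=0 segments add no entry to the path; accept them only from known
    # route servers so a zero count cannot be used to hide a hop.
    for asn, pcnt in segments:
        if pcnt == 0 and asn not in route_servers:
            problems.append(f"AS{asn}: pCNT=0 from an AS not listed as a route server")
    visible = [(asn, pcnt) for asn, pcnt in segments if pcnt > 0]

    if [a for a, _ in runs] != [a for a, _ in visible]:
        problems.append("AS sequence in path differs from signed segments")
        return problems

    # "No more, no less": each run length must equal the signed pCNT.
    for (asn, seen), (_, pcnt) in zip(runs, visible):
        if seen != pcnt:
            kind = "removed" if seen < pcnt else "added"
            problems.append(f"AS{asn}: pCNT={pcnt}, {seen} in path (prepends {kind})")
    return problems

if __name__ == "__main__":
    # Constructed sample: AS65001 signed pCNT=3 but one prepend was stripped.
    print(check_pcnt([65001, 65001, 65002], [(65001, 3), (65002, 1)]))
```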