IETF Logo Mail Archive

Re: [sidr] BGPSec scaling (was RE: beacons and bgpsec)

Rob Shakir <rjs@rob.sh> Wed, 07 September 2011 14:46 UTC

Return-Path: <rjs@rob.sh>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C419D21F8A71 for <sidr@ietfa.amsl.com>; Wed, 7 Sep 2011 07:46:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.024
X-Spam-Level:
X-Spam-Status: No, score=-2.024 tagged_above=-999 required=5 tests=[AWL=0.575, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QW-AIlI+wFIv for <sidr@ietfa.amsl.com>; Wed, 7 Sep 2011 07:46:23 -0700 (PDT)
Received: from cappuccino.rob.sh (cappuccino.rob.sh [IPv6:2001:b98:201:101::10:cafe]) by ietfa.amsl.com (Postfix) with ESMTP id 275E621F84F6 for <sidr@ietf.org>; Wed, 7 Sep 2011 07:46:23 -0700 (PDT)
Received: from [195.10.56.30] (helo=[212.137.15.246]) by cappuccino.rob.sh with esmtpa (Exim 4.69) (envelope-from <rjs@rob.sh>) id 1R1JOt-0006DP-Og; Wed, 07 Sep 2011 15:46:51 +0100
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Rob Shakir <rjs@rob.sh>
In-Reply-To: <5E9BE75F-C0A6-4B48-B15F-7E0B80EFE981@ericsson.com>
Date: Wed, 07 Sep 2011 15:48:10 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <D8AAA3B0-B4B8-47D5-A40B-B91049C2B5DB@rob.sh>
References: <A37CADA4-F16D-4C01-8D9C-D01001C4EFE4@tcb.net> <21C19DA8-7BF3-4832-8C13-C9A45FE026FB@algebras.org> <87D9E106-2A37-4E1E-8C69-7084C199A3FE@tcb.net> <331AEFBD-6AE5-469E-A11E-E672DC61DCDC@pobox.com> <B92913D1-AB82-4D9F-B8A9-F8F4F99713D6@tcb.net> <p06240803ca685bff5443@[128.89.89.43]> <D6D12861-412E-4A65-B626-B627449981B8@tcb.net> <34E4F50CAFA10349A41E0756550084FB0C2ED5A4@PRVPEXVS04.corp.twcable.com> <7B321CF0-ABE6-4FCD-B755-8099BB63399A@rob.sh> <5E9BE75F-C0A6-4B48-B15F-7E0B80EFE981@ericsson.com>
To: Jakob Heitz <jakob.heitz@ericsson.com>
X-Mailer: Apple Mail (2.1084)
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] BGPSec scaling (was RE: beacons and bgpsec)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2011 14:46:26 -0000

On 7 Sep 2011, at 14:12, Jakob Heitz wrote:

> While a router that performs BGPSEC may not be more expensive in 5 years than one that does not today, that is not relevant. A router that performs BGPSEC in 5 years will most definitely cost more to produce as well as cost more to run than a router that does not perform BGPSEC in 5 years.
> 
> So, a question for you Rob. Will your customers pay the premium for BGP security?

Hi Jakob,

This is of course an interesting question - which comes down to the question of whether the threats that are being addressed by bgpsec are common-place. I definitely have customers that would pay a premium to mitigate this as a DoS vector, or malicious interception mechanism, but equally, have customers who would not, based on their current experience.

From what I have seen of the demand for origin validation at the current time, I would say that my personal opinion (and no dataset to support this, sorry) is that any willingness to pay a premium will grow relatively slowly. As such, this makes the point about trying to ensure that we have a deployable protocol that attempts to represent the smallest step change it can in terms of computational requirements more important to me - since this will mean that it is easier to begin deploying, and meeting the demand.

Kind regards,
r.

v2.23.0 | Report a Bug | By Email