Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees

Stephen Kent <kent@bbn.com> Thu, 10 September 2015 19:09 UTC

Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18C541B3ED4 for <sidr@ietfa.amsl.com>; Thu, 10 Sep 2015 12:09:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SXqYgmSK0IeK for <sidr@ietfa.amsl.com>; Thu, 10 Sep 2015 12:09:23 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE1C11B3ED5 for <sidr@ietf.org>; Thu, 10 Sep 2015 12:09:21 -0700 (PDT)
Received: from ssh.bbn.com ([192.1.122.15]:51322 helo=COMSEC.fios-router.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1Za7Dk-0002uy-Oo for sidr@ietf.org; Thu, 10 Sep 2015 15:09:20 -0400
To: sidr@ietf.org
References: <f12cf36b3ee80798852c3fa13485b50d@mail.mandelberg.org> <20150827024945.B46A51ABFFC4@minas-ithil.hactrn.net> <ee74f52b5ad188553f7706a4a3c0e707@mail.mandelberg.org> <20150909010709.1682A1B25E5C@minas-ithil.hactrn.net> <4a6b03813484d7cd53bca4a9a8d86b83@mail.mandelberg.org>
From: Stephen Kent <kent@bbn.com>
Message-ID: <55F1D560.9070608@bbn.com>
Date: Thu, 10 Sep 2015 15:09:20 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <4a6b03813484d7cd53bca4a9a8d86b83@mail.mandelberg.org>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/z0PSJhJYt2-XfsIJ71prxLO7Rug>
Subject: Re: [sidr] draft-ietf-sidr-bgpsec-protocol-13's security guarantees
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Sep 2015 19:09:24 -0000

David,


>
> ...
>
> What does the guarantee about signature order provide? I don't see how 
> it's useful, but I could be missing something.
At least initially, sig order was required to match the AS transit 
order, to ensure that the
AS transit order is accurately represented. Is that no longer true?

Steve