IETF Logo Mail Archive

Re: [sidr] beacons and bgpsec

Danny McPherson <danny@tcb.net> Wed, 10 August 2011 02:02 UTC

Return-Path: <danny@tcb.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF02C228014 for <sidr@ietfa.amsl.com>; Tue, 9 Aug 2011 19:02:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RuFwvbs-qRp3 for <sidr@ietfa.amsl.com>; Tue, 9 Aug 2011 19:02:49 -0700 (PDT)
Received: from exprod6og106.obsmtp.com (exprod6og106.obsmtp.com [64.18.1.191]) by ietfa.amsl.com (Postfix) with ESMTP id D994E228013 for <sidr@ietf.org>; Tue, 9 Aug 2011 19:02:48 -0700 (PDT)
Received: from osprey.verisign.com ([216.168.239.75]) (using TLSv1) by exprod6ob106.postini.com ([64.18.5.12]) with SMTP ID DSNKTkHm2hIPkLms+j1isaemm1DsnV4eLzKu@postini.com; Tue, 09 Aug 2011 19:03:19 PDT
Received: from dul1wnexcn03.vcorp.ad.vrsn.com (dul1wnexcn03.vcorp.ad.vrsn.com [10.170.12.113]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id p7A2355j006352; Tue, 9 Aug 2011 22:03:05 -0400
Received: from dul1dmcphers-m2.vcorp.ad.vrsn.com ([10.100.0.146]) by dul1wnexcn03.vcorp.ad.vrsn.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 9 Aug 2011 22:03:04 -0400
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Danny McPherson <danny@tcb.net>
In-Reply-To: <78CF412E-8C71-49F8-A5DE-6A89C58196AB@vpnc.org>
Date: Tue, 09 Aug 2011 22:03:04 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <AA8C7B11-7F4D-48A9-A3C6-E167553539D6@tcb.net>
References: <A37CADA4-F16D-4C01-8D9C-D01001C4EFE4@tcb.net> <21C19DA8-7BF3-4832-8C13-C9A45FE026FB@algebras.org> <87D9E106-2A37-4E1E-8C69-7084C199A3FE@tcb.net> <331AEFBD-6AE5-469E-A11E-E672DC61DCDC@pobox.com> <m2k4am11nu.wl%randy@psg.com> <78CF412E-8C71-49F8-A5DE-6A89C58196AB@vpnc.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
X-Mailer: Apple Mail (2.1084)
X-OriginalArrivalTime: 10 Aug 2011 02:03:05.0071 (UTC) FILETIME=[A457E7F0:01CC5701]
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] beacons and bgpsec
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Aug 2011 02:02:49 -0000

On Aug 9, 2011, at 9:56 PM, Paul Hoffman wrote:

> 
> +1. I don't see anything in my notes on Randy's presentation about "are pretty much useless and add considerable churn and complexity with little return from a practical attack surface perspective". The closest I see in my notes is "Doesn't gain anything against attack where an attacker could just do a withdraw".

My comment in the initial message:

"I think Randy successfully convinced me during his talk at the Quebec City WG session that "beacons" at a frequency of 24 hours (or anything in the "hours" range) are pretty much useless and add considerable churn and complexity with little return from a practical attack surface perspective.  "

I didn't quite Randy or his slides there, but I stand by my conclusions.

-danny

v2.23.0 | Report a Bug | By Email