[Sidrops] Welcome your attention and any comments // FW: New Version Notification for draft-shen-sidrops-region-verification-00.txt
"Wanghaibo (Rainsword)" <rainsword.wang@huawei.com> Fri, 09 July 2021 02:05 UTC
Return-Path: <rainsword.wang@huawei.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11F373A336A for <sidrops@ietfa.amsl.com>; Thu, 8 Jul 2021 19:05:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dyGNTM6Hp3Ef for <sidrops@ietfa.amsl.com>; Thu, 8 Jul 2021 19:05:25 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0F943A336B for <sidrops@ietf.org>; Thu, 8 Jul 2021 19:05:24 -0700 (PDT)
Received: from fraeml710-chm.china.huawei.com (unknown [172.18.147.226]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4GLbjT2xC7z6BBBp for <sidrops@ietf.org>; Fri, 9 Jul 2021 09:51:09 +0800 (CST)
Received: from kwepeml500001.china.huawei.com (7.221.188.162) by fraeml710-chm.china.huawei.com (10.206.15.59) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Fri, 9 Jul 2021 04:05:20 +0200
Received: from kwepeml500001.china.huawei.com (7.221.188.162) by kwepeml500001.china.huawei.com (7.221.188.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Fri, 9 Jul 2021 10:05:18 +0800
Received: from kwepeml500001.china.huawei.com ([7.221.188.162]) by kwepeml500001.china.huawei.com ([7.221.188.162]) with mapi id 15.01.2176.012; Fri, 9 Jul 2021 10:05:18 +0800
From: "Wanghaibo (Rainsword)" <rainsword.wang@huawei.com>
To: "sidrops@ietf.org" <sidrops@ietf.org>
Thread-Topic: Welcome your attention and any comments // FW: New Version Notification for draft-shen-sidrops-region-verification-00.txt
Thread-Index: Add0ZhKPVJhtlSHrRiuCmn+yfBxMAg==
Date: Fri, 09 Jul 2021 02:05:18 +0000
Message-ID: <90b532bfdef34d1a9769c3d25b24543c@huawei.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.108.153.118]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/I6PjWJWfF-lZHteEPVF-cCtN2Ow>
Subject: [Sidrops] Welcome your attention and any comments // FW: New Version Notification for draft-shen-sidrops-region-verification-00.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jul 2021 02:05:29 -0000
Hi All, We have published a new draft of region verifcation recently. https://datatracker.ietf.org/doc/draft-shen-sidrops-region-verification/ This is also introduced in the APNIC 50. https://conference.apnic.net/50/assets/files/APCS790/BGP-Routing-Security-Region-based-Trust-Alliance-Validation.pdf Welcome your comments and suggestions Abstract: BGP routing security is becoming a major issue that affects the normal running of Internet services. Currently, there are many solutions, including ROA authentication and ASPA authentication, to prevent route source hijacking, path hijacking, and route leaking. However, on an actual network, large ISPs with multiple ASes can use carefully constructed routes to bypass ROA and ASPA authentication to attack the target network. This document defines an region-based authentication method for large ISPs with many ASes to prevent traffic hijacking within ISPs.
- [Sidrops] Welcome your attention and any comments… Wanghaibo (Rainsword)
- Re: [Sidrops] Welcome your attention and any comm… Christopher Morrow
- Re: [Sidrops] Welcome your attention and any comm… Christopher Morrow
- Re: [Sidrops] Welcome your attention and any comm… Wanghaibo (Rainsword)