Chris, On Nov 7, 2012, at 4:11 PM, Christopher Morrow <morrowc.li...@gmail.com> wrote: > On Wed, Nov 7, 2012 at 2:15 PM, Shane Amante <sh...@castlepoint.net> wrote: >> Uhhh ... please tell me how a BGPSEC router, receiving a BGP PDU from another >> AS, is supposed to validate a BGPSEC path signature without relying on *any* >> offboard systems whatsoever? >> > > how does your browser verify the ssl certificate on your webserver?
OK, so you appear to admit that offboard systems are needed (in fact, critical?) for validation. Yet, the design space for BGPSEC has been specifically restricted to that which can *only* be solved with data carried in BGP itself. (See below for why I make this statement). [--snip--] >> of the more frequent & pernicious threats to Internet routing security. Weak >> sauce. > > again, propose a solution. I don't think anyone has said 'we do not > want to listen to your problem', in fact many people have said: "yes, > its a problem, provide a solution". I can't, nor do I believe can anyone else. I refer you to the following: http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-threats-03#section-5 ---snip--- o "Route leaks" are viewed as a routing security problem by many operators, even though there is no IETF-codified definition of a route leak. BGP itself does not include semantics that preclude what many perceive as route leaks. Moreover, route leaks are outside the scope of PATHSEC, at this time, based on the SIDR charter. Thus route leaks are not addressed in this threat model. ---snip--- First, the threats document says "there is no IETF-codified definition of a route leak", even though there exists the following: <http://tools.ietf.org/html/draft-foo-sidr-simple-leak-attack-bgpsec-no-help-02> and, apparently, based on other messages /no where in the IETF to even discuss it/! Second, there is this sentence: "BGP itself ***does not include semantics*** that preclude what many perceive as route leaks." ... That statement reads to me as stating that _because_ BGP does include semantics to solve for route-leaks, it's out-of-scope for PATHSEC. Trimming the rest as irrelevant to the core of the argument here. -shane _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr