Apologies for the extra spam, there was a topic point I missed in this mail, see below please.
On Wed, Nov 14, 2012 at 5:18 PM, Christopher Morrow <[email protected]> wrote: > GROW Folks, > The SIDR working group is working on security for origination and path > data related to BGP routes. There has been a note (a few) about SIDR's > effect(s) or not on 'route leaks'. There have even been a few notes on > 'what is a route leak'. To date there is a draft which discusses route > leaks: > > <http://tools.ietf.org/html/draft-foo-sidr-simple-leak-attack-bgpsec-no-help-02> > > where the authors have attempted to describe one (or many possible) > situations which are called 'route leaks'. They also attempt to > outline security issues which are follow-on effects of the situation > described. > Additionally there were several drafts written by Brian Dickson aiming to provide some definitions about route-leaks and some direction for a solution, they are: <http://tools.ietf.org/html/draft-dickson-sidr-route-leak-def-03> <http://tools.ietf.org/html/draft-dickson-sidr-route-leak-solns-01> <http://tools.ietf.org/html/draft-dickson-sidr-route-leak-reqts-02> These are probably best read in reverse numerical order: definition requirements solution I believe the author aimed to talk about this in a GROW meeting, or on the GROW list, I have not seen him pipe up as of yet to that end, however. -chris > SIDR attempted to look at route-leaks and came up a bit stymied, they > asked IDR for some assistance with the issue, IDR pushed back to GROW > to decide: > 1) What is a 'route leak' (perhaps the above draft identifies one > examplar to be used in that definition) > 2) Are 'route leaks' a problem that Operations folks care about > 3) Should IDR (or the IETF proper) address 'route leaks' with some > form(s) of fix action. > > The end result of the above 3 steps is to push back into IDR one of > two action requests: > 1) "Yes, route leaks are a problem, please fix them." > or > 2) "No, route leaks are not a problem, take no action." > > If #1 above is the answer, and IDR decides that changes to the BGP > protocol are warranted (or are a possible solution to the problem) > then SIDR has agreed to do what they can to 'secure' the bits > added/changed/used in that endeavor. > > Could we have some discussion on-list about this problem, and some > discussion about whether or not the draft referenced above fits the > definition we would like to use for 'route leak'? I would also like > the authors of the draft to decide where they would like to take their > draft: > 1) SIDR > 2) IDR > 3) GROW > 4) other > > Thanks! > -Chris > (co-chair 1:2 of grow, and 1:3 in sidr) _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
