For those (like me) that missed this getting re-announced ... someone (author) mis-named the draft:
draft-grow-simple-leak-attack-bgpsec-no-help-00.txt could we re-name this properly so it shows up in the grow work items? I think: draft-ietf-grow-simple-leak-attack-bgpsec-no-help-00.txt thanks! On Tue, Dec 4, 2012 at 12:19 PM, Smith, Donald <[email protected]> wrote: > > > "Pampers use multiple layers of protection to prevent leakage. Rommel used > defense in depth to defend European fortresses." (A.White) > [email protected] > > >>-----Original Message----- >>From: [email protected] [mailto:[email protected]] On Behalf Of >>Christopher Morrow >>Sent: Tuesday, December 04, 2012 7:35 AM >>To: Arturo Servin >>Cc: [email protected] [email protected]; draft-foo-sidr-simple-leak-attack- >>[email protected]; [email protected]; grow- >>[email protected] >>Subject: Re: [GROW] RouteLeaks - problem or not? >> >>On Tue, Dec 4, 2012 at 8:35 AM, Arturo Servin <[email protected]> >>wrote: >>> >>> >>> draft-foo-sidr-simple-leak-attack-bgpsec-no-help seems as a >>good start. >>> >>> I would suggest to make it more about leaks in general and not >>just >>> about security attacks (considering that many of the incidents with >>> leaks are mistakes and no targeted attacks). > > I would say that even accidental announcements affect the A (availability) in > CIA so it is security. > It may not be an attack and this might just be a nit. > > Additionally I wanted to add my support as an operator for 1. > "Yes, route leaks are a problem, please fix them." > >>> >> >>that was (one) of my comments, yes. (to the authors) >> >>> my 20 cents, >>> as >>> >>> >>> >>> On 04/12/2012 02:04, Christopher Morrow wrote: >>>> ok, so after some considerable discussion (and correction of my >>>> non-optimally-phrased questions) it seems there's some energy in >>>> discussing this in GROW... >>>> >>>> It seems that the draft: draft-foo-sidr-simple-leak-attack-bgpsec-no- >>help >>>> >>>> looks like a good starting point for this discussion, could we re- >>spin >>>> this as a GROW draft (re-title and submit) and perhaps send along >>>> updates according to the comments received (if any?). >>>> >>>> Once that appears it'd be grand if the list folks could discuss it a >>>> bit more so we can see where the discussion leads. >>>> >>>> -chris >>>> >>>> On Wed, Nov 14, 2012 at 5:18 PM, Christopher Morrow >>>> <[email protected]> wrote: >>>>> GROW Folks, >>>>> The SIDR working group is working on security for origination and >>path >>>>> data related to BGP routes. There has been a note (a few) about >>SIDR's >>>>> effect(s) or not on 'route leaks'. There have even been a few notes >>on >>>>> 'what is a route leak'. To date there is a draft which discusses >>route >>>>> leaks: >>>>> <http://tools.ietf.org/html/draft-foo-sidr-simple-leak-attack- >>bgpsec-no-help-02> >>>>> >>>>> where the authors have attempted to describe one (or many possible) >>>>> situations which are called 'route leaks'. They also attempt to >>>>> outline security issues which are follow-on effects of the situation >>>>> described. >>>>> >>>>> SIDR attempted to look at route-leaks and came up a bit stymied, >>they >>>>> asked IDR for some assistance with the issue, IDR pushed back to >>GROW >>>>> to decide: >>>>> 1) What is a 'route leak' (perhaps the above draft identifies one >>>>> examplar to be used in that definition) >>>>> 2) Are 'route leaks' a problem that Operations folks care about >>>>> 3) Should IDR (or the IETF proper) address 'route leaks' with some >>>>> form(s) of fix action. >>>>> >>>>> The end result of the above 3 steps is to push back into IDR one of >>>>> two action requests: >>>>> 1) "Yes, route leaks are a problem, please fix them." >>>>> or >>>>> 2) "No, route leaks are not a problem, take no action." >>>>> >>>>> If #1 above is the answer, and IDR decides that changes to the BGP >>>>> protocol are warranted (or are a possible solution to the problem) >>>>> then SIDR has agreed to do what they can to 'secure' the bits >>>>> added/changed/used in that endeavor. >>>>> >>>>> Could we have some discussion on-list about this problem, and some >>>>> discussion about whether or not the draft referenced above fits the >>>>> definition we would like to use for 'route leak'? I would also like >>>>> the authors of the draft to decide where they would like to take >>their >>>>> draft: >>>>> 1) SIDR >>>>> 2) IDR >>>>> 3) GROW >>>>> 4) other >>>>> >>>>> Thanks! >>>>> -Chris >>>>> (co-chair 1:2 of grow, and 1:3 in sidr) >>>> _______________________________________________ >>>> GROW mailing list >>>> [email protected] >>>> https://www.ietf.org/mailman/listinfo/grow >>>> >>_______________________________________________ >>GROW mailing list >>[email protected] >>https://www.ietf.org/mailman/listinfo/grow _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
