On Wed, May 14, 2014 at 3:59 PM, George, Wes <[email protected]> wrote: > 1) route leaks are [definition, see text suggestion in previous message] > 2) there are ways for this sort of leak to be used as a MITM attack > [example from your draft]
I would actually argue that the general case of 'route leak' causes things which are potentially more (broadly) harmful: latency increases loss increases blackholing Sure, MiTM is a side effect of this, but really as soon as you cross AS boundaries (even one you WANT to cross) you are open to MiTM attacks. For GROW I would think the relevant bits are the latency, loss, blackholing concerns. MiTM gets good press, but isn't really required to discuss the actual problem of 'oh crap why did my packets take a left turn THERE??' > 3) these leaks occur very frequently [data citations from your draft] > 3a) but not all are malicious, some are misconfigurations, some are > intentional > 4) routing hygiene helps to prevent, but not eliminate [discuss gaps] > 5) BGPSec doesn’t fix, because it can only secure BGP attributes, and BGP > has no semantics to convey intent or this type of inter-AS propagation > boundary policy (I agree with the rest of wes' points... I'm not sure it benefits anyone in GROW land to hammer on bgpsec, especially when things like rpki deployment would help stop leaks, if used in conjunction with route filtering practices) -chris 'just a guy' hat on. _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
