This is a new individual draft submission in SIDROPS. Thought there may be interest to look at it and comment here (in GROW) as well.
This work was motivated following a recent NANOG discussion about AS hijacking: https://mailman.nanog.org/pipermail/nanog/2020-June/207797.html Sriram ________________________________________ From: Sriram, Kotikalapudi (Fed) <[email protected]> Sent: Tuesday, July 14, 2020 8:44 AM To: [email protected] Subject: Fw: New Version Notification for draft-sriram-sidrops-as-hijack-detection-00.txt Comments on the draft are welcome. Chairs have kindly allocated time to present this at IETF 108 SIDROPS meeting. Sriram ________________________________________ From: [email protected] <[email protected]> Sent: Monday, July 13, 2020 7:52 PM To: Sriram, Kotikalapudi (Fed); Montgomery, Douglas C. (Fed) Subject: New Version Notification for draft-sriram-sidrops-as-hijack-detection-00.txt A new version of I-D, draft-sriram-sidrops-as-hijack-detection-00.txt has been successfully submitted by Kotikalapudi Sriram and posted to the IETF repository. Name: draft-sriram-sidrops-as-hijack-detection Revision: 00 Title: AS Hijack Detection and Mitigation Document date: 2020-07-13 Group: Individual Submission Pages: 5 URL: https://www.ietf.org/id/draft-sriram-sidrops-as-hijack-detection-00.txt Htmlized: https://tools.ietf.org/html/draft-sriram-sidrops-as-hijack-detection-00 Abstract: This document proposes a method for detection and mitigation of AS hijacking. In this mechanism, an AS operator registers a new object in the RPKI called 'ROAs Exist for All Prefixes (REAP)'. REAP is digitally signed using the AS holder's certificate. By registering REAP, the AS operator is declaring that they have Route Origin Authorization (ROA) coverage for all prefixes originated by their AS. A receiving AS will mark a route as Invalid if the prefix is not covered by any Validated ROA Payload (VRP) and the route origin AS has signed a REAP. Here Invalid means that the route is determined to be an AS hijack. _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
