On 05/11/2011, at 12:34 PM, Randy Bush wrote:

>> I think the distinction between a leak and something more intentional
>> is a matter of policy. Knowing the policy associated with the
>> adjacencies that an AS is leaking over would allow leaked
>> announcements to be identified
>
> o We can not know intent, should Mary have announced the prefix to Bob
I disagree with this assertion of impossibility. The intention of the routing policy databases in their various flavours and incarnations was to publish intent and allow others to filter based on intent. Yes, there is a viable form of filtering wayward prefix advertisements that takes the form of adherence or otherwise to published intent, and if everybody scrupulously entered the entirety of their routing policy into some form of routing policy database then indeed there could be a viable case to be made that you could create a routing security framework based on such foundations. So I'm not dismissive about the possibility of knowing intent. One can in theory know intent, and filter based on intent.

In many ways this is not so much different from what is going on with the effort to secure the operation of the protocol. In this case the routing intent of the originator is not exposed, but it is possible to expose the relationship between the originator and the prefix holder, and to expose the authenticity of the inter-AS transactions that are described in the AS path. Again the same observation applies: this only really works if everyone plays along; otherwise the gaps in the knowledge base of signed attestations cripple the general benefit of the outcome.

So these are two different sides of a validation coin, if you'll pardon the analogy. One side says "I have no idea if BGP is being warped and twisted or not, but if what I hear from my peer conforms to the set of published routing policies, then I'll accept the update", while the other says "I have no idea if this was intentional or not, but if what I have received is not the result of warping and twisting the operation of BGP in unnatural ways, then I'll accept the update".

I suspect that most of this thread is these two points of view arguing past each other.

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
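The "two sides of the coin" in the message above can be shown side by side in a small model. The following is an added example, not code from the thread or from any IETF implementation: it judges the same constructed announcements once against published intent (an IRR-style route object per prefix and a per-AS export policy, which answers "should Mary have announced the prefix to Bob") and once against an origin attestation (a simplified ROA set with maxLength, checked in the RFC 6811 style). All prefixes, AS numbers, route objects, export policies and ROAs are constructed sample data; the dictionaries and the `judge()` function are this example's own and stand in for whatever database or RPKI cache a real validator would consult.

```python
"""Two ways of judging a BGP announcement, side by side:
intent-based (does it match published policy?) and attestation-based
(is the origin authorised by a ROA?). All data below is constructed
for this example and does not describe any real network."""
from ipaddress import ip_network

# --- Constructed "published intent", as an IRR-style database would hold it ---
ROUTE_OBJECTS = {                       # prefix -> origin ASes that declared it
    "192.0.2.0/24": {64500},
    "198.51.100.0/24": {64501},
}
EXPORT_POLICY = {                       # announcing AS -> ASes it declares it exports to
    64500: {64496},
    64501: {64496, 64502},
    64502: {64503},                     # note: 64502 does NOT declare an export to 64496
    64496: {64497},
}

# --- Constructed attestations, shaped like ROAs: (prefix, maxLength, ASN) ---
ROAS = [
    ("192.0.2.0/24", 24, 64500),
    ("198.51.100.0/22", 24, 64501),
]


def origin_intent(prefix, origin_as):
    """Intent view of the origin: does it match a published route object?"""
    declared = ROUTE_OBJECTS.get(prefix)
    if declared is None:
        return "no-policy"              # the gap the thread worries about: nothing published
    return "conforms" if origin_as in declared else "violates"


def path_intent(as_path):
    """Intent view of each adjacency: did every announcer declare that export?
    as_path is ordered as received: as_path[0] is the neighbour that sent the
    update to us, as_path[-1] is the origin."""
    for receiver, announcer in zip(as_path, as_path[1:]):
        allowed = EXPORT_POLICY.get(announcer)
        if allowed is None:
            return f"no-policy:{announcer}"
        if receiver not in allowed:
            return f"violates:{announcer}->{receiver}"   # a leak, identifiable from intent
    return "conforms"


def roa_validate(prefix, origin_as):
    """Attestation view: origin validation against the ROA set (RFC 6811 semantics).
    valid     - a covering ROA matches the origin AS and the prefix length <= maxLength
    invalid   - covering ROAs exist but none matches
    not-found - no ROA covers the prefix at all"""
    net = ip_network(prefix)
    covered = False
    for roa_prefix, max_len, asn in ROAS:
        roa_net = ip_network(roa_prefix)
        if roa_net.version != net.version or not net.subnet_of(roa_net):
            continue
        covered = True
        if asn == origin_as and net.prefixlen <= max_len:
            return "valid"
    return "invalid" if covered else "not-found"


def judge(prefix, as_path):
    """Return both verdicts for one announcement so the two views can be compared."""
    origin = as_path[-1]
    return {
        "origin_intent": origin_intent(prefix, origin),
        "path_intent": path_intent(as_path),
        "roa": roa_validate(prefix, origin),
    }


# Constructed announcements, as AS64497 might receive them from its neighbour AS64496
SAMPLE = [
    ("192.0.2.0/24",    [64496, 64500]),          # everything lines up
    ("198.51.100.0/24", [64496, 64502, 64501]),   # origin fine, but 64502 leaked it to 64496
    ("198.51.100.0/25", [64496, 64501]),          # too specific for the ROA; no route object at all
    ("203.0.113.0/24",  [64496, 64503]),          # nobody published anything
]

if __name__ == "__main__":
    for prefix, path in SAMPLE:
        print(prefix, path, judge(prefix, path))
```

The second and third sample announcements are the interesting ones: the leak through AS64502 is caught only by the intent side (the ROA is perfectly happy with the origin), while the /25 more-specific is caught only by the attestation side (no route object was ever published for it, so the intent side can say nothing). Both sides return an explicit "no-policy" or "not-found" rather than a verdict when their database is silent, which is the "everyone has to play along" caveat from the message made concrete.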
