As regular ol' member: On Thursday, February 02, 2012, Brian Dickson said:
Comments on two of your statements. >The _only_ information is an _encoding_ of which AS neighbors A has, >under a zone controlled by A exclusively. ... >What is published is per-AS feasible-neighbor-AS information. > >It does not stop literal forging of AS paths or their signatures. This model of security is not what the wg charter calls for. And it would not meet the requirements in the requirements document. I personally would expect objections to a security solution that claimed it would not stop forging of AS_PATHs. >(Contrast this with the risk of exposed on-router private keys, where >literally _any_ AS-path could be forged via the AS of that router, >off-axis.) I believe you are wrong here. The holder of the private key for an AS can not produce the signatures for the ASs that precede it in the AS_PATH, nor the signatures for the ASs that follow it in the AS_PATH. By example: consider an AS_PATH A-B-C-D-E The holder of the private key for C cannot produce the signature attributes produced by A, B, D, or E. It can produce an update and a new signature for A-B-C, but *only* if it has a valid bgpsec update that A sent to B and B sent to C. It can not produce the signatures that D and E would add. (Each bgpsec signature protects all previous signatures.) It is not true that "literally _any_ AS-path could be forged via the AS of that router, off-axis" --Sandy, speaking as regular ol' member _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
