A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Secure Inter-Domain Routing Working Group of
the IETF.
Title : Threat Model for BGP Path Security
Author(s) : Stephen Kent
Andrew Chi
Filename : draft-ietf-sidr-bgpsec-threats-07.txt
Pages : 19
Date : 2013-10-08
Abstract:
This document describes a threat model for the context in which
(E)BGP path security mechanisms will be developed. The threat model
includes an analysis of the RPKI, and focuses on the ability of an AS
to verify the authenticity of the AS path info received in a BGP
update. We use the term PATHSEC to refer to any BGP path security
technology that makes use of the RPKI. PATHSEC will secure BGP
[RFC4271], consistent with the inter-AS security focus of the RPKI
[RFC6480].
The document characterizes classes of potential adversaries that are
considered to be threats, and examines classes of attacks that might
be launched against PATHSEC. It does not revisit attacks against
unprotected BGP, as that topic has already been addressed in
[RFC4271]. It concludes with brief discussion of residual
vulnerabilities.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-threats
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-threats-07
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-bgpsec-threats-07
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
