A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Secure Inter-Domain Routing Working Group of
the IETF.
Title : Threat Model for BGP Path Security
Author(s) : Stephen Kent
Andrew Chi
Filename : draft-ietf-sidr-bgpsec-threats-09.txt
Pages : 20
Date : 2013-12-10
Abstract:
This document describes a threat model for the context in which
Exterior Border Gateway Protocol (EBGP) path security mechanisms will
be developed. The threat model includes an analysis of the Resource
Public Key Infrastructure (RPKI), and focuses on the ability of an
autonomous system (AS) to verify the authenticity of the AS path info
received in a BGP update. We use the term PATHSEC to refer to any
BGP path security technology that makes use of the RPKI. PATHSEC
will secure BGP, consistent with the inter-AS security focus of the
RPKI.
The document characterizes classes of potential adversaries that are
considered to be threats, and examines classes of attacks that might
be launched against PATHSEC. It does not revisit attacks against
unprotected BGP, as that topic has already been addressed in the
BGP-4 standard. It concludes with brief discussion of residual
vulnerabilities.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-threats
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-threats-09
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-bgpsec-threats-09
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
