[144206] in North American Network Operators' Group
RE: Do Not Complicate Routing Security with Voodoo Economics
daemon@ATHENA.MIT.EDU (Michael Schapira)
Mon Sep 5 10:26:18 2011
Date: Mon, 05 Sep 2011 10:25:50 -0400 (EDT)
From: Michael Schapira <ms7@CS.Princeton.EDU>
To: "Dobbins, Roland" <rdobbins@arbor.net>
In-Reply-To: <f4d7e84a-6b20-44f5-9f4b-ff191344ed0b@suckerpunch-mbx-0.CS.Princeton.EDU>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sep 5, 2011, at 11:55 AM, Dobbins, Roland wrote:
> The idea of origin validation is a simple one. The idea of path validation isn't to determine the 'correctness' or 'desirability' of a
> particular AS-path, but rather to determine the *validity* (or at least the *feasability*) of a given AS-path.
Sorry, I was misunderstood. To clarify, I was referring only to our work (http://www.cs.utoronto.ca/~phillipa/sbgpTrans.html), where security does play a small role in the route selection process (after LocalPref and AS-PATH length), and not to the BGPsec spec. The reason why we assume that security affects the route selection process is because otherwise, even an AS that deploys S*BGP, remains vulnerable to attacks. To see why, take a look at slides 10-13 of our NANOG presentation (http://www.cs.bu.edu/~goldbe/papers/Goldberg-TransitionToSBGP-NANOG.pdf, video available at http://www.cs.utoronto.ca/~phillipa/sbgpTrans.html). The basic idea is: if an AS prefers short paths over secure paths they'll be just as vulnerable to path-shortening attacks with and without S*BGP.
