[148690] in North American Network Operators' Group
Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system)
daemon@ATHENA.MIT.EDU (Danny McPherson)
Fri Jan 20 09:12:54 2012
From: Danny McPherson <danny@tcb.net>
In-Reply-To: <CA+rW-LD_55SuaPwwDx=Fj=db-eVHAxAHaGQ2nHaTPUOCJxAoTg@mail.gmail.com>
Date: Fri, 20 Jan 2012 09:11:41 -0500
To: Arturo Servin <aservin@lacnic.net>,
Yang Xiang <xiangy08@csnet1.cs.tsinghua.edu.cn>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 20, 2012, at 8:08 AM, Yang Xiang wrote:
>=20
> I think network operators are only careless, but not trust-less,
> so black-hole hijacking is the majority case.
This is aligned with the discussion on route leaks at the proposed=20
interim SIDR meeting just after NANOG.
Even with RPKI and BGPSEC fully deployed we still have this=20
vulnerability, which commonly manifests itself today even by=20
accident.=20
RPKI-enabled BGPSEC would give you some assurances that the
ASes in the AS_PATH represent the list of ASes through which the=20
NLRI traveled, but nothing about whether it should have traversed=20
those ASes in the first place -- so we still need something somewhere=20
to mitigate that threat.
See this draft for more information:
=
<http://tools.ietf.org/html/draft-foo-sidr-simple-leak-attack-bgpsec-no-he=
lp-01>
-danny=
