Re: do not filter your customers
Fri Feb 24 17:05:56 2012
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <1E4FA693-C09B-41F1-9A19-733853007327@tcb.net>
Date: Fri, 24 Feb 2012 17:04:43 -0500
To: Danny McPherson <danny@tcb.net>
Cc: North American Network Operators' Group <nanog@nanog.org>
On Feb 24, 2012, at 2:26 PM, Danny McPherson wrote:
>
> On Feb 24, 2012, at 1:10 PM, Steven Bellovin wrote:
>
>> But just because we can't solve the whole problem, does that
>> mean we shouldn't solve any of it?
>
> Nope, we most certainly should decompose the problem into
> addressable elements, that's core to engineering and operations.
>
> However, simply because the currently envisaged solution
> doesn't solve this problem doesn't mean we shouldn't
> acknowledge it exists.
>
> The IETF's BGP security threats document [1] "describes a threat
> model for BGP path security", which constrains itself to the
> carefully worded SIDR WG charter, which addresses route origin
> authorization and AS_PATH "semantics" -- i.e., this "leak"
> problem is expressly out of scope of a threats document
> discussing BGP path security - eh?
>
> How the heck we can talk about BGP path security and not
> consider this incident a threat is beyond me, particularly when it
> happens by accident all the time. How we can justify putting all
> that BGPSEC and RPKI machinery in place and not address this
> "leak" issue somewhere in the mix is, err.., telling.
I repeat -- we're in violent agreement that route leaks are
a serious problem. No one involved in BGPSEC -- not me, not Randy,
not anyone -- disagrees. Give us an actionable definition and
we'll try to build a defense. Right now, we have nothing better
than what Justice Potter Stewart once said in an opinion: "I shall
not today attempt further to define the kinds of material I
understand to be embraced within that shorthand description
["hard-core pornography"]; and perhaps I could never succeed
in intelligibly doing so. But I know it when I see it..."
Again -- *please* give us a definition.
--Steve Bellovin, https://www.cs.columbia.edu/~smb
P.S. It was routing problems, including leaks between RIP and either
EIGRP or OSPF (it's been >20 years; I just don't remember), that got
me involved in Internet security in the first place. I really do
understand the issue.