[180443] in North American Network Operators' Group
Re: Routing Insecurity (Re: BGP in the Washington Post)
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Wed Jun 3 04:28:01 2015
X-Original-To: nanog@nanog.org
From: "Roland Dobbins" <rdobbins@arbor.net>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Wed, 03 Jun 2015 15:27:51 +0700
In-Reply-To: <CAGvYMCrvPEBXv+P0no3DZ+uKBuvObemz=b0EfaR7=M9xxva82w@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
On 3 Jun 2015, at 9:04, Ethan Katz-Bassett wrote:
> The same folks also followed up that workshop paper with a longer
> paper on
> the topic:
> https://www.cs.bu.edu/~goldbe/papers/sigRPKI.pdf
Thanks to you and to Dale Carter - I was unaware of these papers.
Nonetheless, the risk remains of authorities interfering with the BGP as
they've interfered with the DNS.
I'm very cognizant of the non-trivial effects of route-hijacking, having
been involved in helping get a few of them resolved. Nonetheless, my
natural skepticism leads me to wonder whether we aren't better off with
the problematic, error-prone system we have (not to mention the
enumeration and enhanced DDoS impact of packeting routers doing crypto
for their BGP sessions and which aren't protected via iACLs/GTSM).
-----------------------------------
Roland Dobbins <rdobbins@arbor.net>
