|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Reply-To: <bgreene@cisco.com> From: "Barry Raveendran Greene" <bgreene@cisco.com> To: "'Steven M. Bellovin'" <smb@research.att.com> Cc: <nanog@merit.edu> Date: Fri, 28 Feb 2003 18:13:17 -0800 In-Reply-To: <20030301011959.EE6867B4D@berkshire.research.att.com> Errors-To: owner-nanog-outgoing@merit.edu > The problem that sBGP is trying to solve is *authorization*, not > identification. Briefly -- and please read the papers and the specs > before flaming -- every originating AS would have a certificate chain > rooted at their local RIR stating that they own a certain address > block. If an ISP SWIPs a block to some customer, that ISP (which owns > a certificate from the RIR for the parent block) would sign a > certificate granting the subblock to the customer. The customer could > then announce it via sBGP. >=20 > The other part sBGP is that it provides a chain of signatures of the > entire ASpath back to the originator. Now - show me an operational environment on the Internet were this = authorization chain is _working_ today. RIRs and RADB do not count. As you mention = before, those databases and keeping them up to date are a "pulling teeth" = exercise. > Now -- there are clearly lots of issues here, including the fact that > the the authoritative address ownership data for old allocations is, > shall we say, a bit dubious. And the code itself is expensive to run, > since it involves a lot of digital signatures and verifications, > especially when things are thrashing because of a major backhoe hit. >=20 > But -- given things like the AS7007 incident, and given the = possibility > -- probability? -- that it can happen again, can we afford to not do > sBGP? =20 AS 7007 can be solved with our existing tool set.=20 As mentioned here and NANOGs in the past, our biggest problem are = providers not using the tools that they have to build incident resistance into today's network.=20 > My own opinion is that sophisticated routing attacks are the > single biggest threat to the Internet. My opinion is that lazy operational practices are the single biggest = threat to the Internet. What's the point of building security and robustness into = a system when people choose not to turn it on?
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |