[78409] in North American Network Operators' Group
Re: Heads up: Long AS-sets announced in the next few days
daemon@ATHENA.MIT.EDU (Blaine Christian)
Thu Mar 3 13:52:23 2005
Date: Thu, 03 Mar 2005 13:51:38 -0500
From: Blaine Christian <blaine@blaines.net>
To: Jeroen Massar <jeroen@unfix.org>, Geoff Huston <gih@apnic.net>
Cc: <routing-wg@ripe.net>, <nanog@merit.edu>, <ris-users@ripe.net>
In-Reply-To: <1109869329.23797.29.camel@firenze.zurich.ibm.com>
Errors-To: owner-nanog@merit.edu
> I am probably telling you what you already know, but for the ones who
> don't know it yet:
>
> Secure BGP (S-BGP):
> http://www.ir.bbn.com/projects/s-bgp/
> http://www.nanog.org/mtg-0306/pdf/bellovinsbgp.pdf
> http://www.nwfusion.com/details/6484.html?def
>
> and of course the sister by amongst others Cisco:
>
> Secure Origin BGP (SO-BGP):
> http://bgp.potaroo.net/ietf/idref/ draft-ng-sobgp-bgp-extensions/
> http://www.nwfusion.com/details/6485.html
> http://www.nanog.org/mtg-0306/pdf/alvaro.pdf
>
> etc... most people know how to google I guess ;)
>
> Aka BGP with certificates and other nice tricks.
>
And, of course, the RPSEC working group draft that is supposed to target the
BGP requirements for those proposed systems is...
http://www.ietf.org/internet-drafts/draft-ietf-rpsec-bgpsecrec-01.txt
The folks who worked on S-BGP and SO-BGP participated in it's creation (as
well as several operators). Please note that there are more than just two
proposed mechanisms for securing BGP. The two mentioned above are just the
most popular <grin>.
