nanog mailing list archives

Re: soBGP deployment

From: Russ White <ruwhite () cisco com>
Date: Tue, 24 May 2005 07:34:06 -0400 (Eastern Daylight Time)

   - soBGP allows the receiver to determine that the AS Path describes a
plausible traversal across the network, but cannot validate that the update
itself traversed this path.


further, the latter, because it relies on a separate data set for
path validity, has serious and very kinky temporal sync problems.


*sigh*

Once again: This data is updated at the same rate and in the same way asBGP routing data. Randy, if you're going to ignore me, and you _claim_ tohave read teh soBGP drafts, you could at least tell the truth about the waysoBGP works. I don't lie about S-BGP, I know how it works, and understandits good and bad points.

This is an issue of _design tradeoffs_, plain and simple, as all securityis. If I had infinite money, I might live in a burglarproof house. I don't,hence, I accept some level of break in risk. This is the way life is. If Ihad infinite processing power and infinite bandwidth across every link, mytradeoffs are different when considering the options available.

i receive a bgp announcement from a new peer, but the announcement wasoriginated two weeks ago (shockers! a stable route); was the assertedpath to my new peer valid when the announcement was originated two weeksago? once your mind starts down such paranoid paths, the void opensbefore one's eyes.


I have this:

A---B----C
|        |
+---D----+

A is dual homed to B and D, and is advertising 10.1.1.0/24 through both. Aremoves its connection to B, but continues its connection through D. D isaggregating to 10.1.0.0/16, just to make things interesting.

How long can B continue advertising the _fully signed_ and, to C, fullysecure path to 10.1.1.0/24 through a path that no longer exists? No matterhow long you make the timestamp, it's too long (and how long _is_ S-BGP'stimestamp??). The possible attacks of this nature against signature basedsystems are limitless.


:-)

Russ

__________________________________
riw () cisco com CCIE <>< Grace Alone

Current thread:

Re: soBGP deployment, (continued)
- - - Re: soBGP deployment Daniel Golding (May 26)
    - Re: soBGP deployment Randy Bush (May 26)
    - Re: soBGP deployment Tony Li (May 26)
    - Re: soBGP deployment william(at)elan.net (May 26)
    - Re: soBGP deployment Todd Underwood (May 27)
    - Re: [s,o]BGP deployment bmanning (May 27)
    - Re: [s,o]BGP deployment Randy Bush (May 27)
    - Re: [s,o]BGP deployment Lucy E. Lynch (May 27)
    - Re: [s,o]BGP deployment bmanning (May 27)
    - Re: soBGP deployment Tony Li (May 28)
    - Re: soBGP deployment Russ White (May 24)
    - Message not available
    - Re: soBGP deployment Jay R. Ashworth (May 23)
    - Re: soBGP deployment Edward Lewis (May 23)
    - Re: soBGP deployment Russ White (May 23)
    - Re: soBGP deployment Russ White (May 23)
    - Re: soBGP deployment Florian Weimer (May 24)
    - Re: soBGP deployment Alexei Roudnev (May 24)
  - Re: soBGP deployment Iljitsch van Beijnum (May 22)