• Home
• About the IETF
• Mission
• Standards Process
• Note Well
• NomCom
• Info for Newcomers
• Internet-Drafts
• Datatracker
• Search
• Submit
• RFC Pages
• Search RFC Ed Index
• RFC Editor Queue
• IANA Pages
• Protocol Parameters
• Working Groups
• WG Charters
• Email Lists
• WG Chairs' Page
• Resources
• Community Tools
• Tools Team Pages
• Wikis
• Meetings
• Upcoming Meetings
• Past Meetings
• Important Dates
• Proceedings
• Mailing Lists
• Announcement Lists
• Discussion Lists
• Non-WG Lists
• IESG
• Announcements
• Statements
• Members
• Minutes
• IPR
• IPR Policy
• File a Disclosure
• Disclosure Search
• Liaisons
• Liaison Statements
• Liaison Managers
• Contact
• IETF Secretariat^®
• Legal Matters
• Report Web Site Errors
• Customize View
  
• Brief
• Normal
• Extended
• Advanced
• (Requires Javascript)

Secure Inter-Domain Routing (sidr)

Last Modified: 2011-08-18

Additional information is available at tools.ietf.org/wg/sidr

Chair(s):

• Sandra Murphy <Sandra.Murphy@sparta.com>
  
• Chris Morrow <morrowc@ops-netman.net>
  

Routing Area Director(s):

• Stewart Bryant <stbryant@cisco.com>
  
• Adrian Farrel <adrian@olddog.co.uk>
  

Routing Area Advisor:

• Stewart Bryant <stbryant@cisco.com>
  

Technical Advisor(s):

• Steven Bellovin <smb@cs.columbia.edu>
  

Mailing Lists:

General Discussion: sidr@ietf.org
To Subscribe: sidr-request@ietf.org
In Body: In Body: (un)subscribe
Archive: http://www.ietf.org/mail-archive/web/sidr/index.html

Description of Working Group:

The purpose of the SIDR working group is to reduce vulnerabilities in
the inter-domain routing system. The two vulnerabilities that will be
addressed are:

* Is an Autonomous System (AS) authorized to originate an IP prefix
* Is the AS-Path represented in the route the same as the path through
    which the NLRI traveled

The SIDR working group will take practical deployability into consideration.

Building upon the already completed and implemented framework:

* Resource Public Key Infrastructure (RPKI)
* Distribution of RPKI data to routing devices and its use in
      operational networks
* Document the use of certification objects within the secure
      routing architecture

This working group will specify security enhancements for inter-domain
routing protocols.

Goals and Milestones:

Done		Submit initial draft on inter-domain routing security within this architecture
Done		Submit initial draft on certificate objects to be used within this architecture
Done		Submit initial draft on securing origination of routing information
Jan 2010		I-D: draft-ietf-sidr-publication
Jan 2010		I-D: draft-ietf-sidr-keyroll
Jan 2010		I-D: draft-ietf-sidr-arch
Jan 2010		I-D: draft-ietf-sidr-cp
Jan 2010		I-D: draft-ietf-sidr-res-certs
Jan 2010		I-D: draft-ietf-sidr-roa-validation
Jan 2010		I-D: draft-ietf-sidr-signed-object
Jan 2010		I-D: draft-ietf-sidr-rpki-manifests
Jan 2010		I-D: draft-ietf-sidr-rpki-algs
Jan 2010		I-D: draft-ietf-sidr-rescerts-provisioning
Jan 2010		I-D: draft-ietf-sidr-ta
Mar 2010		I-D: draft-ietf-sidr-cps-irs
Mar 2010		I-D: draft-ietf-sidr-cps-isp
Nov 2010		I-D: draft-ietf-sidr-origin-ops
Nov 2010		I-D: draft-ietf-sidr-pfx-validate
Nov 2010		I-D: draft-ietf-sidr-repos-struct
Nov 2010		I-D: draft-ietf-sidr-roa-format
Nov 2010		I-D: draft-ietf-sidr-ltamgmt
Dec 2010		I-D: draft-rgaglian-sidr-algorithm-agility
Jan 2011		I-D: draft-ietf-sidr-ghostbusters
Feb 2011		I-D: draft-ietf-sidr-rpki-rtr
Mar 2011		I-D: Document the BGP protocol enhancements that meet the security requirements
Mar 2011		I-D: A requirements document that addresses these threats
Mar 2011		I-D: A document describing threats to the routing system
Mar 2011		I-D: An overview of the RPKI and BGP Protocol changes required for origin and path validation
Mar 2011		I-D: Operational deployment guidance for network operators
May 2011		I-D: draft-ietf-sidr-usecases
May 2011		Publication: draft-ietf-sidr-arch
May 2011		Publication: draft-ietf-sidr-cp
May 2011		Publication: draft-ietf-sidr-res-certs
Jun 2011		I-D: System and architecture design choices made in the protocol and RPKI
Jun 2011		Publication: draft-ietf-sidr-publication
Jun 2011		Publication: draft-ietf-sidr-repos-struct
Jun 2011		Publication: draft-ietf-sidr-roa-format
Jun 2011		Publication: draft-ietf-sidr-rpki-rtr
Jun 2011		Publication: draft-ietf-sidr-roa-validation
Jun 2011		Publication: draft-ietf-sidr-signed-object
Jun 2011		Publication: draft-ietf-sidr-rpki-manifests
Jul 2011		Publication: draft-ietf-sidr-origin-ops
Jul 2011		Publication: draft-ietf-sidr-rpki-algs
Jul 2011		Publication: draft-ietf-sidr-rescerts-provisioning
Aug 2011		Publication: draft-ietf-sidr-ta
Oct 2011		Publication: draft-rgaglian-sidr-algorithm-agility
Oct 2011		Publication: draft-ietf-sidr-ghostbusters
Nov 2011		Publication: draft-ietf-sidr-ltamgmt
Dec 2011		Publication: System and architecture design choices made in the protocol and RPKI
Dec 2011		Publication: draft-ietf-sidr-usecases
Dec 2011		Publication: draft-ietf-sidr-keyroll
Jan 2012		Publication: An overview of the RPKI and BGP Protocol changes required for origin and path validation
Jan 2012		Publication: Document the BGP protocol enhancements that meet the security requirements
Jan 2012		Publication: draft-ietf-sidr-pfx-validate
Mar 2012		Publication: draft-ietf-sidr-cps-irs
Mar 2012		Publication: draft-ietf-sidr-cps-isp
Jun 2012		Publication: A document describing threats to the routing system
Jun 2012		Publication: A requirements document that addresses these threats
Jul 2012		Publication: Operational deployment guidance for network operators

Internet-Drafts:

A Profile for X.509 PKIX Resource Certificates (70117 bytes)
Certificate Policy (CP) for the Resource PKI (RPKI (81091 bytes)
A Profile for Route Origin Authorizations (ROAs) (16595 bytes)
An Infrastructure to Support Secure Internet Routing (64912 bytes)
A Protocol for Provisioning Resource Certificates (66146 bytes)
Manifests for the Resource Public Key Infrastructure (43436 bytes)
Validation of Route Origination using the Resource Certificate PKI and ROAs (20797 bytes)
A Profile for Resource Certificate Repository Structure (37385 bytes)
Resource Certificate PKI (RPKI) Trust Anchor Locator (15811 bytes)
The Profile for Algorithms and Key Sizes for use in the Resource Public Key Infrastructure (11739 bytes)
Use Cases and Interpretation of RPKI Objects for Issuers and Relying Parties (60698 bytes)
BGP Prefix Origin Validation (21461 bytes)
The RPKI/Router Protocol (54535 bytes)
Signed Object Template for the Resource Public Key Infrastructure (26191 bytes)
CA Key Rollover in the RPKI (24230 bytes)
A Publication Protocol for the Resource Public Key Infrastructure (RPKI) (20730 bytes)
Local Trust Anchor Management for the Resource Public Key Infrastructure (70630 bytes)
BGP Prefix Origin Validation State Extended Community (11214 bytes)
RPKI-Based Origin Validation Operation (17620 bytes)
The RPKI Ghostbusters Record (15380 bytes)
RPKI Objects issued by IANA (28188 bytes)
Algorithm Agility Procedure for RPKI. (38990 bytes)
BGPSEC Protocol Specification (59025 bytes)
An Overview of BGPSEC (21465 bytes)
Threat Model for BGP Path Security (42453 bytes)
BGPsec Operational Considerations (18129 bytes)
Security Requirements for BGP Path Validation (16246 bytes)

No Request For Comments

Home - Tools Team - Datatracker - Web Site Usage Statistics - IASA - IAB - RFC Editor - IANA - IRTF - IETF Trust - ISOC - Store - Contact Us
Secretariat services provided by Association Management Solutions, LLC (AMS).
Please send problem reports to: ietf-action@ietf.org.