| < draft-ietf-sidr-bgpsec-overview-03.txt | draft-ietf-sidr-bgpsec-overview-04.txt > | |||
|---|---|---|---|---|
| Network Working Group M. Lepinski | ||||
| Internet Draft BBN Technologies | ||||
| Intended status: Informational S. Turner | ||||
| Expires: January 15, 2014 IECA | ||||
| July 15, 2013 | ||||
| An Overview of BGPSEC | Network Working Group M. Lepinski | |||
| draft-ietf-sidr-bgpsec-overview-03.txt | Internet Draft BBN Technologies | |||
| Intended status: Informational S. Turner | ||||
| Expires: June 16, 2014 IECA | ||||
| December 16, 2013 | ||||
| An Overview of BGPSEC | ||||
| draft-ietf-sidr-bgpsec-overview-04.txt | ||||
| Abstract | Abstract | |||
| This document provides an overview of a security extension to the | This document provides an overview of a security extension to the | |||
| Border Gateway Protocol (BGP) referred to as BGPSEC. BGPSEC improves | Border Gateway Protocol (BGP) referred to as BGPSEC. BGPSEC improves | |||
| security for BGP routing. | security for BGP routing. | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| skipping to change at page 2, line 32 ¶ | skipping to change at page 2, line 32 ¶ | |||
| 5. Security Considerations........................................8 | 5. Security Considerations........................................8 | |||
| 6. IANA Considerations............................................8 | 6. IANA Considerations............................................8 | |||
| 7. References.....................................................9 | 7. References.....................................................9 | |||
| 7.1. Normative References......................................9 | 7.1. Normative References......................................9 | |||
| 7.2. Informative References....................................9 | 7.2. Informative References....................................9 | |||
| 1. Introduction | 1. Introduction | |||
| BGPSEC (Border Gateway Protocol Security) is an extension to the | BGPSEC (Border Gateway Protocol Security) is an extension to the | |||
| Border Gateway Protocol (BGP) that provides improved security for BGP | Border Gateway Protocol (BGP) that provides improved security for BGP | |||
| routing [RFC 4271]. | routing [RFC 4271]. This document contains a brief overview of BGPSEC | |||
| and its envisioned usage. | ||||
| A comprehensive discussion of BGPSEC is provided in the following set | A more detailed discussion of BGPSEC is provided in the following set | |||
| of documents: | of documents: | |||
| . [I-D.sidr-bgpsec-threats]: | . [I-D.sidr-bgpsec-threats]: | |||
| A threat model describing the security context in which BGPSEC | A threat model describing the security context in which BGPSEC | |||
| is intended to operate. | is intended to operate. | |||
| . [I-D.sidr-bgpsec-reqs]: | ||||
| A set of requirements for BGP path security, which BGPSEC is | ||||
| intended to satisfy. | ||||
| . [I-D.sidr-bgpsec-protocol]: | . [I-D.sidr-bgpsec-protocol]: | |||
| A standards track document specifying the BGPSEC extension to | A standards track document specifying the BGPSEC extension to | |||
| BGP. | BGP. | |||
| . [I-D.sidr-bgpsec-ops]: | . [I-D.sidr-bgpsec-ops]: | |||
| An informational document describing operational considerations | An informational document describing operational considerations. | |||
| for BGPSEC deployment. | ||||
| . [I-D.turner-sidr-bgpsec-pki-profiles] | . [I-D.turner-sidr-bgpsec-pki-profiles]: | |||
| A standards track document specifying a profile for X.509 | A standards track document specifying a profile for X.509 | |||
| certificates that bind keys used in BGPSEC to Autonomous System | certificates that bind keys used in BGPSEC to Autonomous System | |||
| numbers, as well as associated Certificate Revocation Lists | numbers, as well as associated Certificate Revocation Lists | |||
| (CRLs), and certificate requests. | (CRLs), and certificate requests. | |||
| . [I-D.turner-sidr-bgpsec-algs] | . [I-D.turner-sidr-bgpsec-algs] | |||
| A standards track document specifying suites of signature and | A standards track document specifying suites of signature and | |||
| digest algorithms for use in BGPSEC. | digest algorithms for use in BGPSEC. | |||
| . [I-D.sriram-bgpsec-design-choices] | In addition to this document set, some readers might be interested in | |||
| [I-D.sriram-bgpsec-design-choices], an informational document | ||||
| An informational document describing the choices that were made | describing the choices that were made the by the author team prior to | |||
| by the author team prior to the publication of the -00 version | the publication of the -00 version of draft-ietf-sidr-bgpsec- | |||
| of draft-ietf-sidr-bgpsec-protocol. Discussion of design choices | protocol. Discussion of design choices made since the publication of | |||
| made since the publication of the -00 can be found in the | the -00 can be found in the archives of the SIDR working group | |||
| archives of the SIDR working group mailing list. | mailing list. | |||
| The remainder of this document contains a brief overview of BGPSEC | ||||
| and its envisioned usage. | ||||
| 2. Background | 2. Background | |||
| The motivation for developing BGPSEC is that BGP does not include | The motivation for developing BGPSEC is that BGP does not include | |||
| mechanisms that allow an Autonomous System (AS) to verify the | mechanisms that allow an Autonomous System (AS) to verify the | |||
| legitimacy and authenticity of BGP route advertisements (see for | legitimacy and authenticity of BGP route advertisements (see for | |||
| example, [RFC 4272]). | example, [RFC 4272]). | |||
| The Resource Public Key Infrastructure (RPKI), described in | The Resource Public Key Infrastructure (RPKI), described in | |||
| [RFC6480], provides a first step towards addressing the validation of | [RFC6480], provides a first step towards addressing the validation of | |||
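Review bot: the rewritten design-choices paragraph in the -04 column reads "the choices that were made the by the author team"; drop the stray "the" so it reads "made by the author team". In the same document list, -04 adds a colon after [I-D.turner-sidr-bgpsec-pki-profiles] but leaves [I-D.turner-sidr-bgpsec-algs] without one, so the entry labels are still inconsistent.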
| skipping to change at page 3, line 52 ¶ | skipping to change at page 4, line 6 ¶ | |||
| Authorization (ROA), that allows holders of IP address resources to | Authorization (ROA), that allows holders of IP address resources to | |||
| authorize specific ASes to originate routes (in BGP) to these | authorize specific ASes to originate routes (in BGP) to these | |||
| resources. Data extracted from valid ROAs can be used by BGP speakers | resources. Data extracted from valid ROAs can be used by BGP speakers | |||
| to determine whether a received route was originated by an AS | to determine whether a received route was originated by an AS | |||
| authorized to originate that route (see [RFC6483] and [I-D.sidr- | authorized to originate that route (see [RFC6483] and [I-D.sidr- | |||
| origin-ops]). | origin-ops]). | |||
| By instituting a local policy that prefers routes with origins | By instituting a local policy that prefers routes with origins | |||
| validated using RPKI data (versus routes to the same prefix that | validated using RPKI data (versus routes to the same prefix that | |||
| cannot be so validated) an AS can protect itself from certain mis- | cannot be so validated) an AS can protect itself from certain mis- | |||
| origination attacks. For example, if a BGP speaker accidently (due to | ||||
| misconfiguration) originates routes to the wrong prefixes, ASes | ||||
| utilizing RPKI data could detect this error and decline to select | utilizing RPKI data could detect this error and decline to select | |||
| these mis-originated routes. However, use of RPKI data alone provides | these mis-originated routes. However, use of RPKI data alone provides | |||
| little or no protection against a sophisticated attacker. Such an | little or no protection against a sophisticated attacker. Such an | |||
| attacker could, for example, conduct a route hijacking attack by | attacker could, for example, conduct a route hijacking attack by | |||
| appending an authorized origin AS to an otherwise illegitimate AS | appending an authorized origin AS to an otherwise illegitimate AS | |||
| Path. (See [I-D.sidr-bgpsec-threats] for a detailed discussion of the | Path. (See [I-D.sidr-bgpsec-threats] for a detailed discussion of the | |||
| BGPSEC threat model.) | BGPSEC threat model.) | |||
| BGPSEC extends the RPKI by adding an additional type of certificate, | BGPSEC extends the RPKI by adding an additional type of certificate, | |||
| referred to as a BGPSEC router certificate, that binds an AS number | referred to as a BGPSEC router certificate, that binds an AS number | |||
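Review bot: in the mis-origination paragraph the -04 column shows no text opposite "origination attacks. For example, if a BGP speaker accidently (due to misconfiguration) originates routes to the wrong prefixes, ASes", so the new text as shown runs from "certain mis-" straight into "utilizing RPKI data could detect this error". The sentence introducing the misconfiguration example needs to be present in -04; without it "this error" has no antecedent and the hyphenated word is left dangling.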
| skipping to change at page 9, line 5 ¶ | skipping to change at page 8, line 44 ¶ | |||
| This document provides an overview of BPSEC; it does not define the | This document provides an overview of BPSEC; it does not define the | |||
| BGPSEC extension to BGP. The BGPSEC extension is defined in [I- | BGPSEC extension to BGP. The BGPSEC extension is defined in [I- | |||
| D.sidr-bgpsec-protocol]. The threat model for the BGPSEC is | D.sidr-bgpsec-protocol]. The threat model for the BGPSEC is | |||
| described in [I-D.sidr-bgpsec-threats]. | described in [I-D.sidr-bgpsec-threats]. | |||
| 6. IANA Considerations | 6. IANA Considerations | |||
| None. | None. | |||
| 7. References | ||||
| 7.1. Normative References | 7.1. Normative References | |||
| [RFC4271] Rekhter, Y., Li, T., and S. Hares, Eds., "A Border Gateway | [RFC4271] Rekhter, Y., Li, T., and S. Hares, Eds., "A Border Gateway | |||
| Protocol 4 (BGP-4)", RFC 4271, January 2006. | Protocol 4 (BGP-4)", RFC 4271, January 2006. | |||
| [RFC4893] Vohra, Q. and E. Chen, "BGP Support for Four-octet AS | [RFC4893] Vohra, Q. and E. Chen, "BGP Support for Four-octet AS | |||
| Numbers", RFC 4893, May 2007. | Numbers", RFC 4893, May 2007. | |||
| [RFC5492] Scudder, J. and R. Chandra, "Capabilities Advertisement | [RFC5492] Scudder, J. and R. Chandra, "Capabilities Advertisement | |||
| with BGP-4", RFC 5492, February 2009. | with BGP-4", RFC 5492, February 2009. | |||
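Review bot: the "7. References" heading has no counterpart in the -04 column, yet "7.1. Normative References" follows directly and the table of contents still lists "7. References"; keep the parent heading. The Security Considerations text above it also still reads "an overview of BPSEC" and "The threat model for the BGPSEC" in both versions; these should be "BGPSEC" and "for BGPSEC".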
| skipping to change at page 9, line 28 ¶ | skipping to change at page 9, line 21 ¶ | |||
| [RFC6480] Lepinski, M. and S. Kent, "An Infrastructure to Support | [RFC6480] Lepinski, M. and S. Kent, "An Infrastructure to Support | |||
| Secure Internet Routing", February 2012. | Secure Internet Routing", February 2012. | |||
| [RFC6483] Huston, G., and G. Michaelson, "Validation of Route | [RFC6483] Huston, G., and G. Michaelson, "Validation of Route | |||
| Origination using the Resource Certificate PKI and ROAs", February | Origination using the Resource Certificate PKI and ROAs", February | |||
| 2012. | 2012. | |||
| [I-D.sidr-origin-ops] Bush, R., "RPKI-Based Origin Validation | [I-D.sidr-origin-ops] Bush, R., "RPKI-Based Origin Validation | |||
| Operation", draft-ietf-sidr-origin-ops, work-in-progress. | Operation", draft-ietf-sidr-origin-ops, work-in-progress. | |||
| [I-D.sidr-bgpsec-threats] Kent, S., "Threat Model for BGP Path | [I-D.sidr-bgpsec-threats] Kent, S., and A. Chi, "Threat Model for BGP | |||
| Security", draft-ietf-sidr-bgpsec-threats, work-in-progress. | Path Security", draft-ietf-sidr-bgpsec-threats, work-in-progress. | |||
| [I-D.sidr-bgpsec-protocol] Lepinski, M., Ed., "BPSEC Protocol | [I-D.sidr-bgpsec-protocol] Lepinski, M., Ed., "BPSEC Protocol | |||
| Specification", draft-ietf-sidr-bgpsec-protocol, work-in-progress. | Specification", draft-ietf-sidr-bgpsec-protocol, work-in-progress. | |||
| [I-D.sidr-bgpsec-ops] Bush, R., "BGPSEC Operational Considerations", | [I-D.sidr-bgpsec-ops] Bush, R., "BGPSEC Operational Considerations", | |||
| draft-ietf-sidr-bgpsec-ops, work-in-progress. | draft-ietf-sidr-bgpsec-ops, work-in-progress. | |||
| [I-D.sidr-bgpsec-algs] Turner, S., "BGP Algorithms, Key Formats, & | [I-D.sidr-bgpsec-algs] Turner, S., "BGP Algorithms, Key Formats, & | |||
| Signature Formats", draft-ietf-sidr-bgpsec-algs, work-in-progress. | Signature Formats", draft-ietf-sidr-bgpsec-algs, work-in-progress. | |||
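Review bot: the reference key [I-D.sidr-bgpsec-algs] in this list does not match the citation [I-D.turner-sidr-bgpsec-algs] used in Section 1, and -04 leaves the mismatch in place; align the key with the citation. The protocol draft's title is also still given as "BPSEC Protocol Specification" in both columns and should read "BGPSEC", which could have been fixed in the same pass that added A. Chi to the threats entry.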
| skipping to change at page 10, line 5 ¶ | skipping to change at page 9, line 47 ¶ | |||
| 7.2. Informative References | 7.2. Informative References | |||
| [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", RFC | [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", RFC | |||
| 4272, January 2006 | 4272, January 2006 | |||
| [I-D.sriram-bgpsec-design-choices] Sriram, K., "BGPSEC Design Choices | [I-D.sriram-bgpsec-design-choices] Sriram, K., "BGPSEC Design Choices | |||
| and Summary of Supporting Discussions", draft-sriram-bgpsec-design- | and Summary of Supporting Discussions", draft-sriram-bgpsec-design- | |||
| choices, work-in-progress. | choices, work-in-progress. | |||
| Author's' Addresses | [I-D.sidr-bgpsec-reqs] Bellovin, S., R. Bush, and D. Ward, "Security | |||
| Requirements for BGP Path Validation", draft-ietf-sidr-bgpsec-reqs, | ||||
| work-in-progress. | ||||
| Author's' Addresses | ||||
| Matt Lepinski | Matt Lepinski | |||
| BBN Technologies | BBN Technologies | |||
| 10 Moulton Street | 10 Moulton Street | |||
| Cambridge MA 02138 | Cambridge MA 02138 | |||
| Email: mlepinski@bbn.com | Email: mlepinski.ietf@gmail.com | |||
| Sean Turner | Sean Turner | |||
| IECA, Inc. | IECA, Inc. | |||
| 3057 Nutley Street, Suite 106 | 3057 Nutley Street, Suite 106 | |||
| Fairfax, VA 22031 | Fairfax, VA 22031 | |||
| Email: turners@ieca.com | Email: turners@ieca.com | |||
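Review bot: the heading "Author's' Addresses" keeps its stray apostrophe in -04; it should read "Authors' Addresses". In the informative references above it, the [RFC4272] entry still ends at "January 2006" without a closing period, unlike the newly added [I-D.sidr-bgpsec-reqs] entry.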
| End of changes. 14 change blocks. | ||||
| 30 lines changed or deleted | 32 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/