idnits 2.17.1 draft-ietf-sidr-bgpsec-algs-18.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 1 instance of lines with non-RFC3849-compliant IPv6 addresses in the document. If these are example addresses, they should be changed. -- The draft header indicates that this document updates RFC7935, but the abstract doesn't seem to directly say this. It does mention RFC7935 though, so this could be OK. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 2, 2017) is 2581 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Downref: Normative reference to an Informational RFC: RFC 2986 ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126) ** Downref: Normative reference to an Informational RFC: RFC 6090 -- Possible downref: Non-RFC (?) normative reference: ref. 'DSS' -- Possible downref: Non-RFC (?) normative reference: ref. 'SHS' Summary: 3 errors (**), 0 flaws (~~), 2 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Secure Inter-Domain Routing Working Group S. Turner 3 Internet-Draft sn3rd 4 Updates: 7935 (if approved) O. Borchert 5 Intended status: Standards Track NIST 6 Expires: October 4, 2017 April 2, 2017 8 BGPsec Algorithms, Key Formats, & Signature Formats 9 draft-ietf-sidr-bgpsec-algs-18 11 Abstract 13 This document specifies the algorithms, algorithm parameters, 14 asymmetric key formats, asymmetric key size and signature format used 15 in BGPsec (Border Gateway Protocol Security). This document updates 16 the Profile for Algorithms and Key Sizes for Use in the Resource 17 Public Key Infrastructure (RFC 7935). 19 This document also includes example BGPsec Update messages as well as 20 the private keys used to generate the messages and the certificates 21 necessary to validate those signatures. 23 Status of this Memo 25 This Internet-Draft is submitted in full conformance with the 26 provisions of BCP 78 and BCP 79. 28 Internet-Drafts are working documents of the Internet Engineering 29 Task Force (IETF). Note that other groups may also distribute 30 working documents as Internet-Drafts. The list of current Internet- 31 Drafts is at http://datatracker.ietf.org/drafts/current/. 33 Internet-Drafts are draft documents valid for a maximum of six months 34 and may be updated, replaced, or obsoleted by other documents at any 35 time. It is inappropriate to use Internet-Drafts as reference 36 material or to cite them other than as "work in progress." 38 Copyright Notice 40 Copyright (c) 2017 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 57 2. Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . 3 58 3. Asymmetric Key Pair Formats . . . . . . . . . . . . . . . . . 3 59 3.1. Public Key Format . . . . . . . . . . . . . . . . . . . . 4 60 3.2. Private Key Format . . . . . . . . . . . . . . . . . . . . 4 61 4. Signature Format . . . . . . . . . . . . . . . . . . . . . . . 4 62 5. Additional Requirements . . . . . . . . . . . . . . . . . . . 4 63 6. Security Considerations . . . . . . . . . . . . . . . . . . . 4 64 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 65 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 5 66 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 67 9.1. Normative References . . . . . . . . . . . . . . . . . . . 6 68 9.2. Informative References . . . . . . . . . . . . . . . . . . 7 69 Appendix A Examples . . . . . . . . . . . . . . . . . . . . . . . 8 70 A.1. Topology and experiment description . . . . . . . . . . . 8 71 A.2. Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 72 A.3. BGPsec IPv4 . . . . . . . . . . . . . . . . . . . . . . . 11 73 A.4. BGPsec IPv6 . . . . . . . . . . . . . . . . . . . . . . . 13 74 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 16 76 1. Introduction 78 This document specifies: 79 o the digital signature algorithm and parameters; 80 o the hash algorithm and parameters; 81 o the public and private key formats; and, 82 o the signature format 83 used by Resource Public Key Infrastructure (RPKI) Certification 84 Authorities (CA), and BGPsec (Border Gateway Protocol Security) 85 speakers (i.e., routers). CAs use these algorithms when processing 86 requests for BGPsec Router Certificates [ID.sidr-bgpsec-pki- 87 profiles]. Examples when BGPsec routers use these algorithms include 88 requesting BGPsec certificates [ID.sidr-bgpsec-pki-profiles], signing 89 BGPsec Update messages [ID.sidr-bgpsec-protocol], and verifying 90 BGPsec Update messages [ID.sidr-bgpsec-protocol]. 92 This document updates [RFC7935] to add support for a) a different 93 algorithm for BGPsec certificate requests, which are issued only by 94 BGPsec speakers; b) a different Subject Public Key Info format for 95 BGPsec certificates, which is needed for the specified BGPsec 96 signature algorithm; and, c) a different signature format for BGPsec 97 signatures, which is needed for the specified BGPsec signature 98 algorithm. The BGPsec certificate are differentiated from other RPKI 99 certificates by the use of the BGPsec Extended Key Usage defined in 100 [ID.sidr-bgpsec-pki-profiles]. BGPsec uses a different algorithm as 101 compared to the rest of the RPKI to minimize the size of the protocol 102 exchanged between routers [RFC5480]. 104 Appendix A contains example BGPsec Update messages as well as the 105 private keys used to generate the signatures and the certificates 106 necessary to validate those signatures. 108 1.1. Terminology 110 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 111 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 112 "OPTIONAL" in this document are to be interpreted as described in 113 [RFC2119]. 115 2. Algorithms 117 The algorithms used to compute signatures on CA certificates, BGPsec 118 Router Certificates, and CRLs are as specified in Section 2 of 119 [RFC7935]. This section addresses BGPsec algorithms, for example 120 these algorithms are used by BGPsec routers to request BGPsec 121 certificates, by RPKI CAs to verify BGPsec certification requests, by 122 BGPsec routers to generate BGPsec Update messages, and by BGPsec 123 routers to verify BGPsec Update message: 125 o The signature algorithm used MUST be the Elliptic Curve Digital 126 Signature Algorithm (ECDSA) with curve P-256 [RFC6090][DSS]. 128 o The hash algorithm used MUST be SHA-256 [SHS]. 130 Hash algorithms are not identified by themselves in certificates or 131 BGPsec Update messages. They are represented by an OID that combines 132 the hash algorithm with the digital signature algorithm as follows: 134 o The ecdsa-with-SHA256 OID [RFC5480] MUST appear in the PKCS #10 135 signatureAlgorithm field [RFC2986] or in Certificate Request 136 Message Format (CRMF) POPOSigningKey algorithm field [RFC4211], 137 which location depends on the certificate request format 138 generated. 140 o In BGPsec Update messages, the ECDSA with SHA-256 Algorithm Suite 141 Identifier value 0x1 (see Section 7) is included in the 142 Signature-Block List's Algorithm Suite Identifier field. 144 3. Asymmetric Key Pair Formats 145 The key formats used to compute signatures on CA certificates, BGPsec 146 Router Certificates, and CRLs are as specified in Section 3 of 147 [RFC7935]. This section addresses key formats found in the BGPsec 148 router certificate requests and in BGPsec Router Certificates. 150 The ECDSA private keys used to compute signatures for certificate 151 requests and BGPsec Update messages MUST come from the P-256 curve 152 [RFC5480]. The public key pair MUST use the uncompressed form. 154 3.1. Public Key Format 156 The Subject's public key is included in subjectPublicKeyInfo 157 [RFC5280]. It has two sub-fields: algorithm and subjectPublicKey. 158 The values for the structures and their sub-structures follow: 160 o algorithm (an AlgorithmIdentifier type): The id-ecPublicKey OID 161 MUST be used in the algorithm field, as specified in Section 162 2.1.1 of [RFC5480]. The value for the associated parameters MUST 163 be secp256r1, as specified in Section 2.1.1.1 of [RFC5480]. 165 o subjectPublicKey: ECPoint MUST be used to encode the 166 certificate's subjectPublicKey field, as specified in Section 2.2 167 of [RFC5480]. 169 3.2. Private Key Format 171 Local Policy determines private key format. 173 4. Signature Format 175 The structure for the certificate's and CRL's signature field MUST be 176 as specified in Section 4 of [RFC7935], which is the same format used 177 by other RPKI certificates. The structure for the certification 178 request's and BGPsec Update message's signature field MUST be as 179 specified in Section 2.2.3 of [RFC3279]. 181 5. Additional Requirements 183 It is anticipated that BGPsec will require the adoption of updated 184 key sizes and a different set of signature and hash algorithms over 185 time, in order to maintain an acceptable level of cryptographic 186 security. This profile should be updated to specify such future 187 requirements, when appropriate. 189 The recommended procedures to implement such a transition of key 190 sizes and algorithms is specified in [RFC6916]. 192 6. Security Considerations 193 The Security Considerations of [RFC3279], [RFC5480], [RFC6090], 194 [RFC7935], and [ID.sidr-bgpsec-pki-profiles] apply to certificates. 195 The security considerations of [RFC3279], [RFC6090], [RFC7935], 196 [ID.sidr-bgpsec-pki-profiles] apply to certification requests. The 197 security considerations of [RFC3279], [ID.sidr-bgpsec-protocol], and 198 [RFC6090] apply to BGPsec Update messages. No new security 199 considerations are introduced as a result of this specification. 201 7. IANA Considerations 203 The Internet Assigned Numbers Authority (IANA) is requested to define 204 the "BGPsec Algorithm Suite Registry" in the Resource Public Key 205 Infrastructure (RPKI) group. The one-octet BGPsec Algorithm Suite 206 Registry identifiers assigned by IANA identifies the digest algorithm 207 and a signature algorithm used in the BGPsec Signature-Block List's 208 Algorithm Suite Identifier field. 210 IANA is kindly requested to also register a single algorithm suite 211 identifier, for the digest algorithm SHA-256 [SHS] and the signature 212 algorithm ECDSA on the P-256 curve [RFC6090][DSS]. 214 BGPsec Algorithm Suites Registry 216 Algorithm Digest Signature Specification 217 Suite Algorithm Algorithm Pointer 218 Identifier 220 +------------+------------+-------------+---------------------+ 221 | 0x0 | Reserved | Reserved | This draft | 222 +------------+------------+-------------+---------------------+ 223 | 0x1 | SHA-256 | ECDSA P-256 | [SHS][DSS][RFC6090] | 224 +------------+------------+-------------+---------------------+ 225 | 0x2-0xEF | Unassigned | Unassigned | This draft | 226 +------------+------------+-------------+---------------------+ 227 | 0xFF | Reserved | Reserved | This draft | 228 +------------+------------+-------------+---------------------+ 230 Future assignments are to be made using the Standards Action process 231 defined in [RFC5226]. Assignments consist of the one-octet algorithm 232 suite identifier value and the associated digest algorithm name and 233 signature algorithm name. 235 8. Acknowledgements 237 The author wishes to thank Geoff Huston and George Michaelson for 238 producing [RFC7935], which this document is entirely based on. I'd 239 also like to thank Roque Gagliano, David Mandelberg, Tom Petch, Sam 240 Weiller, and Stephen Kent for their reviews and comments. Mehmet 241 Adalier, Kotikalapudi Sriram, and Doug Montgomery were instrumental 242 in developing the test vectors found in Appendix A. 244 9. References 246 9.1. Normative References 248 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 249 Requirement Levels", BCP 14, RFC 2119, DOI 250 10.17487/RFC2119, March 1997, . 253 [RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification 254 Request Syntax Specification Version 1.7", RFC 2986, DOI 255 10.17487/RFC2986, November 2000, . 258 [RFC3279] Bassham, L., Polk, W., and R. Housley, "Algorithms and 259 Identifiers for the Internet X.509 Public Key 260 Infrastructure Certificate and Certificate Revocation List 261 (CRL) Profile", RFC 3279, DOI 10.17487/RFC3279, April 2002, 262 . 264 [RFC4211] Schaad, J., "Internet X.509 Public Key Infrastructure 265 Certificate Request Message Format (CRMF)", RFC 4211, DOI 266 10.17487/RFC4211, September 2005, . 269 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an 270 IANA Considerations Section in RFCs", BCP 26, RFC 5226, DOI 271 10.17487/RFC5226, May 2008, . 274 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 275 Housley, R., and W. Polk, "Internet X.509 Public Key 276 Infrastructure Certificate and Certificate Revocation List 277 (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, 278 . 280 [RFC5480] Turner, S., Brown, D., Yiu, K., Housley, R., and T. Polk, 281 "Elliptic Curve Cryptography Subject Public Key 282 Information", RFC 5480, DOI 10.17487/RFC5480, March 2009, 283 . 285 [RFC6090] McGrew, D., Igoe, K., and M. Salter, "Fundamental Elliptic 286 Curve Cryptography Algorithms", RFC 6090, DOI 287 10.17487/RFC6090, February 2011, . 290 [RFC6916] Gagliano, R., Kent, S., and S. Turner, "Algorithm Agility 291 Procedure for the Resource Public Key Infrastructure 292 (RPKI)", BCP 182, RFC 6916, DOI 10.17487/RFC6916, April 293 2013, . 295 [RFC7935] Huston, G. and G. Michaelson, Ed., "The Profile for 296 Algorithms and Key Sizes for Use in the Resource Public Key 297 Infrastructure", RFC 7935, DOI 10.17487/RFC7935, August 298 2016, . 300 [ID.sidr-bgpsec-protocol] Lepinski, M., "BGPsec Protocol 301 Specification", draft-ietf-sidr-bgpsec-protocol, work-in- 302 progress. 304 [ID.sidr-bgpsec-pki-profiles] Reynolds, M. and S. Turner, "A Profile 305 for BGPSEC Router Certificates, Certificate Revocation 306 Lists, and Certification Requests", draft-ietf-sidr-bgpsec- 307 pki-profiles, work-in-progress. 309 [DSS] National Institute of Standards and Technology (NIST), U.S. 310 Department of Commerce, "Digital Signature Standard", FIPS 311 Publication 186-4, July 2013. 313 [SHS] National Institute of Standards and Technology (NIST), U.S. 314 Department of Commerce, "Secure Hash Standard", FIPS 315 Publication 180-4, August 2015. 317 9.2. Informative References 319 None. 321 Appendix A Examples 323 A.1. Topology and experiment description 325 Topology: 327 AS(64496)----AS(65536)----AS(65537) 329 Prefix Announcement: AS(64496), 192.0.2.0/24, 2001:db8::/32 331 A.2. Keys 333 For this example, the ECDSA algorithm was provided with a static 334 k to make the result deterministic. 336 The k used for all signature operations was taken from RFC 6979, 337 chapter A.2.5 "Signatures With SHA-256, message 'sample'". 339 k = A6E3C57DD01ABE90086538398355DD4C 340 3B17AA873382B0F24D6129493D8AAD60 342 Keys of AS64496: 343 ================ 344 ski: AB4D910F55CAE71A215EF3CAFE3ACC45B5EEC154 346 private key: 347 x = D8AA4DFBE2478F86E88A7451BF075565 348 709C575AC1C136D081C540254CA440B9 350 public key: 351 Ux = 7391BABB92A0CB3BE10E59B19EBFFB21 352 4E04A91E0CBA1B139A7D38D90F77E55A 353 Uy = A05B8E695678E0FA16904B55D9D4F5C0 354 DFC58895EE50BC4F75D205A25BD36FF5 356 Router Key Certificate example using OpenSSL 1.0.1e-fips 11 Feb 2013 357 -------------------------------------------------------------------- 358 Certificate: 359 Data: 360 Version: 3 (0x2) 361 Serial Number: 38655612 (0x24dd67c) 362 Signature Algorithm: ecdsa-with-SHA256 363 Issuer: CN=ROUTER-0000FBF0 364 Validity 365 Not Before: Jan 1 05:00:00 2017 GMT 366 Not After : Jul 1 05:00:00 2018 GMT 368 Subject: CN=ROUTER-0000FBF0 369 Subject Public Key Info: 370 Public Key Algorithm: id-ecPublicKey 371 Public-Key: (256 bit) 372 pub: 373 04:73:91:ba:bb:92:a0:cb:3b:e1:0e:59:b1:9e:bf: 374 fb:21:4e:04:a9:1e:0c:ba:1b:13:9a:7d:38:d9:0f: 375 77:e5:5a:a0:5b:8e:69:56:78:e0:fa:16:90:4b:55: 376 d9:d4:f5:c0:df:c5:88:95:ee:50:bc:4f:75:d2:05: 377 a2:5b:d3:6f:f5 378 ASN1 OID: prime256v1 379 X509v3 extensions: 380 X509v3 Key Usage: 381 Digital Signature 382 X509v3 Subject Key Identifier: 383 AB:4D:91:0F:55:CA:E7:1A:21:5E: 384 F3:CA:FE:3A:CC:45:B5:EE:C1:54 385 X509v3 Extended Key Usage: 386 1.3.6.1.5.5.7.3.30 387 sbgp-autonomousSysNum: critical 388 Autonomous System Numbers: 389 64496 390 Routing Domain Identifiers: 391 inherit 393 Signature Algorithm: ecdsa-with-SHA256 394 30:44:02:20:07:b7:b4:6a:5f:a4:f1:cc:68:36:39:03:a4:83: 395 ec:7c:80:02:d2:f6:08:9d:46:b2:ec:2a:7b:e6:92:b3:6f:b1: 396 02:20:00:91:05:4a:a1:f5:b0:18:9d:27:24:e8:b4:22:fd:d1: 397 1c:f0:3d:b1:38:24:5d:64:29:35:28:8d:ee:0c:38:29 399 -----BEGIN CERTIFICATE----- 400 MIIBiDCCAS+gAwIBAgIEAk3WfDAKBggqhkjOPQQDAjAaMRgwFgYDVQQDDA9ST1VU 401 RVItMDAwMEZCRjAwHhcNMTcwMTAxMDUwMDAwWhcNMTgwNzAxMDUwMDAwWjAaMRgw 402 FgYDVQQDDA9ST1VURVItMDAwMEZCRjAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC 403 AARzkbq7kqDLO+EOWbGev/shTgSpHgy6GxOafTjZD3flWqBbjmlWeOD6FpBLVdnU 404 9cDfxYiV7lC8T3XSBaJb02/1o2MwYTALBgNVHQ8EBAMCB4AwHQYDVR0OBBYEFKtN 405 kQ9VyucaIV7zyv46zEW17sFUMBMGA1UdJQQMMAoGCCsGAQUFBwMeMB4GCCsGAQUF 406 BwEIAQH/BA8wDaAHMAUCAwD78KECBQAwCgYIKoZIzj0EAwIDRwAwRAIgB7e0al+k 407 8cxoNjkDpIPsfIAC0vYInUay7Cp75pKzb7ECIACRBUqh9bAYnSck6LQi/dEc8D2x 408 OCRdZCk1KI3uDDgp 409 -----END CERTIFICATE----- 411 Keys of AS(65636): 412 ================== 413 ski: 47F23BF1AB2F8A9D26864EBBD8DF2711C74406EC 414 private key: 415 x = 6CB2E931B112F24554BCDCAAFD9553A9 416 519A9AF33C023B60846A21FC95583172 418 public key: 419 Ux = 28FC5FE9AFCF5F4CAB3F5F85CB212FC1 420 E9D0E0DBEAEE425BD2F0D3175AA0E989 421 Uy = EA9B603E38F35FB329DF495641F2BA04 422 0F1C3AC6138307F257CBA6B8B588F41F 424 Router Key Certificate example using OpenSSL 1.0.1e-fips 11 Feb 2013 425 -------------------------------------------------------------------- 426 Certificate: 427 Data: 428 Version: 3 (0x2) 429 Serial Number: 3168189942 (0xbcd6bdf6) 430 Signature Algorithm: ecdsa-with-SHA256 431 Issuer: CN=ROUTER-0000FFFF 432 Validity 433 Not Before: Jan 1 05:00:00 2017 GMT 434 Not After : Jul 1 05:00:00 2018 GMT 435 Subject: CN=ROUTER-0000FFFF 436 Subject Public Key Info: 437 Public Key Algorithm: id-ecPublicKey 438 Public-Key: (256 bit) 439 pub: 440 04:28:fc:5f:e9:af:cf:5f:4c:ab:3f:5f:85:cb:21: 441 2f:c1:e9:d0:e0:db:ea:ee:42:5b:d2:f0:d3:17:5a: 442 a0:e9:89:ea:9b:60:3e:38:f3:5f:b3:29:df:49:56: 443 41:f2:ba:04:0f:1c:3a:c6:13:83:07:f2:57:cb:a6: 444 b8:b5:88:f4:1f 445 ASN1 OID: prime256v1 446 X509v3 extensions: 447 X509v3 Key Usage: 448 Digital Signature 449 X509v3 Subject Key Identifier: 450 47:F2:3B:F1:AB:2F:8A:9D:26:86: 451 4E:BB:D8:DF:27:11:C7:44:06:EC 452 X509v3 Extended Key Usage: 453 1.3.6.1.5.5.7.3.30 454 sbgp-autonomousSysNum: critical 455 Autonomous System Numbers: 456 65535 457 Routing Domain Identifiers: 458 inherit 460 Signature Algorithm: ecdsa-with-SHA256 461 30:45:02:21:00:df:04:c5:17:04:d0:f2:b9:fa:f3:d9:6e:3f: 462 6f:a1:58:d8:fe:6c:18:e4:37:ca:19:7c:c8:75:40:57:6e:7e: 463 9d:02:20:12:45:e8:a8:58:6b:00:7b:e6:a9:0e:f2:b6:62:50: 464 4b:1c:01:6f:3b:41:11:69:88:30:73:9f:d7:02:9e:64:4f 466 -----BEGIN CERTIFICATE----- 467 MIIBijCCATCgAwIBAgIFALzWvfYwCgYIKoZIzj0EAwIwGjEYMBYGA1UEAwwPUk9V 468 VEVSLTAwMDBGRkZGMB4XDTE3MDEwMTA1MDAwMFoXDTE4MDcwMTA1MDAwMFowGjEY 469 MBYGA1UEAwwPUk9VVEVSLTAwMDBGRkZGMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD 470 QgAEKPxf6a/PX0yrP1+FyyEvwenQ4Nvq7kJb0vDTF1qg6Ynqm2A+OPNfsynfSVZB 471 8roEDxw6xhODB/JXy6a4tYj0H6NjMGEwCwYDVR0PBAQDAgeAMB0GA1UdDgQWBBRH 472 8jvxqy+KnSaGTrvY3ycRx0QG7DATBgNVHSUEDDAKBggrBgEFBQcDHjAeBggrBgEF 473 BQcBCAEB/wQPMA2gBzAFAgMA//+hAgUAMAoGCCqGSM49BAMCA0gAMEUCIQDfBMUX 474 BNDyufrz2W4/b6FY2P5sGOQ3yhl8yHVAV25+nQIgEkXoqFhrAHvmqQ7ytmJQSxwB 475 bztBEWmIMHOf1wKeZE8= 476 -----END CERTIFICATE----- 478 A.3. BGPsec IPv4 480 BGPSec IPv4 Update from AS(65536) to AS(65537): 481 =============================================== 482 Binary Form of BGPSec Update (TCP-DUMP): 484 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 485 01 03 02 00 00 00 EC 40 01 01 02 80 04 04 00 00 486 00 00 80 0E 0D 00 01 01 04 C6 33 64 64 00 18 C0 487 00 02 90 1E 00 CD 00 0E 01 00 00 01 00 00 01 00 488 00 00 FB F0 00 BF 01 47 F2 3B F1 AB 2F 8A 9D 26 489 86 4E BB D8 DF 27 11 C7 44 06 EC 00 48 30 46 02 490 21 00 EF D4 8B 2A AC B6 A8 FD 11 40 DD 9C D4 5E 491 81 D6 9D 2C 87 7B 56 AA F9 91 C3 4D 0E A8 4E AF 492 37 16 02 21 00 90 F2 C1 29 AB B2 F3 9B 6A 07 96 493 3B D5 55 A8 7A B2 B7 33 3B 7B 91 F1 66 8F D8 61 494 8C 83 FA C3 F1 AB 4D 91 0F 55 CA E7 1A 21 5E F3 495 CA FE 3A CC 45 B5 EE C1 54 00 48 30 46 02 21 00 496 EF D4 8B 2A AC B6 A8 FD 11 40 DD 9C D4 5E 81 D6 497 9D 2C 87 7B 56 AA F9 91 C3 4D 0E A8 4E AF 37 16 498 02 21 00 8E 21 F6 0E 44 C6 06 6C 8B 8A 95 A3 C0 499 9D 3A D4 37 95 85 A2 D7 28 EE AD 07 A1 7E D7 AA 500 05 5E CA 502 Signature From AS(64496) to AS(65536): 503 -------------------------------------- 504 Digest: 21 33 E5 CA A0 26 BE 07 3D 9C 1B 4E FE B9 B9 77 505 9F 20 F8 F5 DE 29 FA 98 40 00 9F 60 47 D0 81 54 506 Signature: 30 46 02 21 00 EF D4 8B 2A AC B6 A8 FD 11 40 DD 507 9C D4 5E 81 D6 9D 2C 87 7B 56 AA F9 91 C3 4D 0E 508 A8 4E AF 37 16 02 21 00 8E 21 F6 0E 44 C6 06 6C 509 8B 8A 95 A3 C0 9D 3A D4 37 95 85 A2 D7 28 EE AD 510 07 A1 7E D7 AA 05 5E CA 512 Signature From AS(65536) to AS(65537): 513 -------------------------------------- 514 Digest: 01 4F 24 DA E2 A5 21 90 B0 80 5C 60 5D B0 63 54 515 22 3E 93 BA 41 1D 3D 82 A3 EC 26 36 52 0C 5F 84 516 Signature: 30 46 02 21 00 EF D4 8B 2A AC B6 A8 FD 11 40 DD 517 9C D4 5E 81 D6 9D 2C 87 7B 56 AA F9 91 C3 4D 0E 518 A8 4E AF 37 16 02 21 00 90 F2 C1 29 AB B2 F3 9B 519 6A 07 96 3B D5 55 A8 7A B2 B7 33 3B 7B 91 F1 66 520 8F D8 61 8C 83 FA C3 F1 522 The human readable output is produced using bgpsec-io, a bgpsec 523 traffic generator that uses a wireshark like printout. 525 Send Update Message 526 +--marker: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 527 +--length: 259 528 +--type: 2 (UPDATE) 529 +--withdrawn_routes_length: 0 530 +--total_path_attr_length: 236 531 +--ORIGIN: INCOMPLETE (4 bytes) 532 | +--Flags: 0x40 (Well-Known, Transitive, Complete) 533 | +--Type Code: ORIGIN (1) 534 | +--Length: 1 byte 535 | +--Origin: INCOMPLETE (1) 536 +--MULTI_EXIT_DISC (7 bytes) 537 | +--Flags: 0x80 (Optional, Complete) 538 | +--Type Code: MULTI_EXIT_DISC (4) 539 | +--Length: 4 bytes 540 | +--data: 00 00 00 00 541 +--MP_REACH_NLRI (16 bytes) 542 | +--Flags: 0x80 (Optional, Complete) 543 | +--Type Code: MP_REACH_NLRI (14) 544 | +--Length: 13 bytes 545 | +--Address family: IPv4 (1) 546 | +--Subsequent address family identifier: Unicast (1) 547 | +--Next hop network address: (4 bytes) 548 | | +--Next hop: 198.51.100.100 549 | +--Subnetwork points of attachment: 0 550 | +--Network layer reachability information: (4 bytes) 551 | +--192.0.2.0/24 552 | +--MP Reach NLRI prefix length: 24 553 | +--MP Reach NLRI IPv4 prefix: 192.0.2.0 554 +--BGPSEC Path Attribute (209 bytes) 555 +--Flags: 0x90 (Optional, Complete, Extended Length) 556 +--Type Code: BGPSEC Path Attribute (30) 557 +--Length: 205 bytes 558 +--Secure Path (14 bytes) 559 | +--Length: 14 bytes 560 | +--Secure Path Segment: (6 bytes) 561 | | +--pCount: 1 562 | | +--Flags: 0 563 | | +--AS number: 65536 (1.0) 564 | +--Secure Path Segment: (6 bytes) 565 | +--pCount: 1 566 | +--Flags: 0 567 | +--AS number: 64496 (0.64496) 568 +--Signature Block (191 bytes) 569 +--Length: 191 bytes 570 +--Algo ID: 1 571 +--Signature Segment: (94 bytes) 572 | +--SKI: 47F23BF1AB2F8A9D26864EBBD8DF2711C74406EC 573 | +--Length: 72 bytes 574 | +--Signature: 3046022100EFD48B 2AACB6A8FD1140DD 575 | 9CD45E81D69D2C87 7B56AAF991C34D0E 576 | A84EAF3716022100 90F2C129ABB2F39B 577 | 6A07963BD555A87A B2B7333B7B91F166 578 | 8FD8618C83FAC3F1 579 +--Signature Segment: (94 bytes) 580 +--SKI: AB4D910F55CAE71A215EF3CAFE3ACC45B5EEC154 581 +--Length: 72 bytes 582 +--Signature: 3046022100EFD48B 2AACB6A8FD1140DD 583 9CD45E81D69D2C87 7B56AAF991C34D0E 584 A84EAF3716022100 8E21F60E44C6066C 585 8B8A95A3C09D3AD4 379585A2D728EEAD 586 07A17ED7AA055ECA 588 A.4. BGPsec IPv6 590 BGPSec IPv6 Update from AS(65536) to AS(65537): 591 =============================================== 592 Binary Form of BGP/BGPsec Update (TCP-DUMP): 594 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 595 01 10 02 00 00 00 F9 40 01 01 02 80 04 04 00 00 596 00 00 80 0E 1A 00 02 01 10 20 01 00 10 00 00 00 597 00 00 00 00 00 C6 33 64 64 00 20 20 01 0D B8 90 598 1E 00 CD 00 0E 01 00 00 01 00 00 01 00 00 00 FB 599 F0 00 BF 01 47 F2 3B F1 AB 2F 8A 9D 26 86 4E BB 600 D8 DF 27 11 C7 44 06 EC 00 48 30 46 02 21 00 EF 601 D4 8B 2A AC B6 A8 FD 11 40 DD 9C D4 5E 81 D6 9D 602 2C 87 7B 56 AA F9 91 C3 4D 0E A8 4E AF 37 16 02 603 21 00 D1 B9 4F 62 51 04 6D 21 36 A1 05 B0 F4 72 604 7C C5 BC D6 74 D9 7D 28 E6 1B 8F 43 BD DE 91 C3 605 06 26 AB 4D 91 0F 55 CA E7 1A 21 5E F3 CA FE 3A 606 CC 45 B5 EE C1 54 00 48 30 46 02 21 00 EF D4 8B 607 2A AC B6 A8 FD 11 40 DD 9C D4 5E 81 D6 9D 2C 87 608 7B 56 AA F9 91 C3 4D 0E A8 4E AF 37 16 02 21 00 609 E2 A0 2C 68 FE 53 CB 96 93 4C 78 1F 5A 14 A2 97 610 19 79 20 0C 91 56 ED F8 55 05 8E 80 53 F4 AC D3 612 Signature From AS(64496) to AS(65536): 613 -------------------------------------- 614 Digest: 8A 0C D3 E9 8E 55 10 45 82 1D 80 46 01 D6 55 FC 615 52 11 89 DF 4D B0 28 7D 84 AC FC 77 55 6D 06 C7 616 Signature: 30 46 02 21 00 EF D4 8B 2A AC B6 A8 FD 11 40 DD 617 9C D4 5E 81 D6 9D 2C 87 7B 56 AA F9 91 C3 4D 0E 618 A8 4E AF 37 16 02 21 00 E2 A0 2C 68 FE 53 CB 96 619 93 4C 78 1F 5A 14 A2 97 19 79 20 0C 91 56 ED F8 620 55 05 8E 80 53 F4 AC D3 622 Signature From AS(65536) to AS(65537): 623 -------------------------------------- 624 Digest: 44 49 EC 70 8D EC 5C 85 00 C2 17 8C 72 FE 4C 79 625 FF A9 3C 95 31 61 01 2D EE 7E EE 05 46 AF 5F D0 626 Signature: 30 46 02 21 00 EF D4 8B 2A AC B6 A8 FD 11 40 DD 627 9C D4 5E 81 D6 9D 2C 87 7B 56 AA F9 91 C3 4D 0E 628 A8 4E AF 37 16 02 21 00 D1 B9 4F 62 51 04 6D 21 629 36 A1 05 B0 F4 72 7C C5 BC D6 74 D9 7D 28 E6 1B 630 8F 43 BD DE 91 C3 06 26 632 The human readable output is produced using bgpsec-io, a bgpsec 633 traffic generator that uses a wireshark like printout. 635 Send Update Message 636 +--marker: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 637 +--length: 272 638 +--type: 2 (UPDATE) 639 +--withdrawn_routes_length: 0 640 +--total_path_attr_length: 249 641 +--ORIGIN: INCOMPLETE (4 bytes) 642 | +--Flags: 0x40 (Well-Known, Transitive, Complete) 643 | +--Type Code: ORIGIN (1) 644 | +--Length: 1 byte 645 | +--Origin: INCOMPLETE (1) 646 +--MULTI_EXIT_DISC (7 bytes) 647 | +--Flags: 0x80 (Optional, Complete) 648 | +--Type Code: MULTI_EXIT_DISC (4) 649 | +--Length: 4 bytes 650 | +--data: 00 00 00 00 651 +--MP_REACH_NLRI (29 bytes) 652 | +--Flags: 0x80 (Optional, Complete) 653 | +--Type Code: MP_REACH_NLRI (14) 654 | +--Length: 26 bytes 655 | +--Address family: IPv6 (2) 656 | +--Subsequent address family identifier: Unicast (1) 657 | +--Next hop network address: (16 bytes) 658 | | +--Next hop: 2001:0010:0000:0000:0000:0000:c633:6464 659 | +--Subnetwork points of attachment: 0 660 | +--Network layer reachability information: (5 bytes) 661 | +--2001:db8::/32 662 | +--MP Reach NLRI prefix length: 32 663 | +--MP Reach NLRI IPv6 prefix: 2001:db8:: 664 +--BGPSEC Path Attribute (209 bytes) 665 +--Flags: 0x90 (Optional, Complete, Extended Length) 666 +--Type Code: BGPSEC Path Attribute (30) 667 +--Length: 205 bytes 668 +--Secure Path (14 bytes) 669 | +--Length: 14 bytes 670 | +--Secure Path Segment: (6 bytes) 671 | | +--pCount: 1 672 | | +--Flags: 0 673 | | +--AS number: 65536 (1.0) 674 | +--Secure Path Segment: (6 bytes) 675 | +--pCount: 1 676 | +--Flags: 0 677 | +--AS number: 64496 (0.64496) 678 +--Signature Block (191 bytes) 679 +--Length: 191 bytes 680 +--Algo ID: 1 681 +--Signature Segment: (94 bytes) 682 | +--SKI: 47F23BF1AB2F8A9D26864EBBD8DF2711C74406EC 683 | +--Length: 72 bytes 684 | +--Signature: 3046022100EFD48B 2AACB6A8FD1140DD 685 | 9CD45E81D69D2C87 7B56AAF991C34D0E 686 | A84EAF3716022100 D1B94F6251046D21 687 | 36A105B0F4727CC5 BCD674D97D28E61B 688 | 8F43BDDE91C30626 689 +--Signature Segment: (94 bytes) 690 +--SKI: AB4D910F55CAE71A215EF3CAFE3ACC45B5EEC154 691 +--Length: 72 bytes 692 +--Signature: 3046022100EFD48B 2AACB6A8FD1140DD 693 9CD45E81D69D2C87 7B56AAF991C34D0E 694 A84EAF3716022100 E2A02C68FE53CB96 695 934C781F5A14A297 1979200C9156EDF8 696 55058E8053F4ACD3 698 Authors' Addresses 700 Sean Turner 701 sn3rd 703 EMail: sean@sn3rd.com 705 Oliver Borchert 706 NIST 707 100 Bureau Drive 708 Gaithersburg MD 20899 709 USA 711 Email: oliver.borchert@nist.gov