potential new IETF WG on anonymous IPSec
Joe Touch
touch at ISI.EDU
Thu Sep 16 14:17:09 PDT 2004
Ian Grigg wrote:
> Bill Stewart wrote:
>
>> Also, the author's document discusses protecting BGP to prevent
>> some of the recent denial-of-service attacks,
>> and asks for confirmation about the assertion in a message
>> on the IPSEC mailing list suggesting
>> "E.g., it is not feasible for BGP routers to be configured with the
>> appropriate certificate authorities of hundreds of thousands of
>> peers".
>> Routers typically use BGP to peer with a small number of partners,
>> though some big ISP gateway routers might peer with a few hundred.
>> (A typical enterprise router would have 2-3 peers if it does BGP.)
>> If a router wants to learn full internet routes from its peers,
>> it might learn 1-200,000, but that's not the number of direct connections
>> that it has - it's information it learns using those connections.
>> And the peers don't have to be configured "rapidly without external
>> assistance" -
>> you typically set up the peering link when you're setting up the
>> connection between an ISP and a customer or a pair of ISPs,
>> and if you want to use a CA mechanism to certify X.509 certs,
>> you can set up that information at the same time.
>
> On the backbone, between BGP peers, one would have thought
> that there are relatively few attackers, as the staff are
> highly trusted and the wires are hard to access - hence no
> active attacks going on and only some passive eavesdropping
> attacks. Also, anyone setting up BGP routing knows the other
> party, so there is a prior relationship.

My understanding of the attacks this past spring is that:

a) they were indeed on the backbone BGP peers

b) that those peers had avoided setting up
   preshared keys or getting mutually-authenticatable
   certificates because of the configuration overhead
   (small on a per-pair basis, but may be large
   in aggregate)

While inspired by this issue, there may be other solutions (e.g., IMO
IPsec) which are more appropriate for BGP peers.

> The whole point of the CA model is that there is no prior
> relationship and that the network is a wild wild west sort
> of place

Except that certs need to be signed by authorities that are trusted.

> - both of these assumptions seem to be reversed
> in the backbone world, no? So one would think that using
> opportunistic cryptography would be ideal for the BGP world?
>
> iang

I wouldn't think that the encryption need be opportunistic; in the BGP
backbone world, as you noted, peers are known a-priori, and should have
certs that could be signed by well-known, trusted CAs.

Joe