draft-ietf-sidr-origin-ops-02.txt   draft-ietf-sidr-origin-ops-03.txt 
Network Working Group R. Bush Network Working Group R. Bush
Internet-Draft IIJ Internet-Draft IIJ
Intended status: BCP January 19, 2011 Intended status: BCP January 21, 2011
Expires: July 23, 2011 Expires: July 25, 2011
RPKI-Based Origin Validation Operation RPKI-Based Origin Validation Operation
draft-ietf-sidr-origin-ops-02 draft-ietf-sidr-origin-ops-03
Abstract Abstract
Deployment of the RPKI-based BGP origin validation has many Deployment of the RPKI-based BGP origin validation has many
operational considerations. This document attempts to collect and operational considerations. This document attempts to collect and
present them. It is expected to evolve as RPKI-based origin present them. It is expected to evolve as RPKI-based origin
validation is deployed and the dynamics are better understood. validation is deployed and the dynamics are better understood.
Requirements Language Requirements Language
skipping to change at page 1, line 39 skipping to change at page 1, line 39
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 23, 2011. This Internet-Draft will expire on July 25, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 18 skipping to change at page 2, line 18
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Suggested Reading . . . . . . . . . . . . . . . . . . . . . . . 3 2. Suggested Reading . . . . . . . . . . . . . . . . . . . . . . . 3
3. RPKI Distribution and Maintenance . . . . . . . . . . . . . . . 3 3. RPKI Distribution and Maintenance . . . . . . . . . . . . . . . 3
4. Within a Network . . . . . . . . . . . . . . . . . . . . . . . 4 4. Within a Network . . . . . . . . . . . . . . . . . . . . . . . 4
5. Routing Policy . . . . . . . . . . . . . . . . . . . . . . . . 4 5. Routing Policy . . . . . . . . . . . . . . . . . . . . . . . . 4
6. Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 6. Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
7. Security Considerations . . . . . . . . . . . . . . . . . . . . 5 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 6
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 6 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 6
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
10.1. Normative References . . . . . . . . . . . . . . . . . . . 6 10.1. Normative References . . . . . . . . . . . . . . . . . . . 6
10.2. Informative References . . . . . . . . . . . . . . . . . . 7 10.2. Informative References . . . . . . . . . . . . . . . . . . 7
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction 1. Introduction
RPKI-based origin validation relies on widespread propagation of the RPKI-based origin validation relies on widespread propagation of the
skipping to change at page 5, line 22 skipping to change at page 5, line 22
moves forward, the number of BGP announcements with validation state moves forward, the number of BGP announcements with validation state
NotFound should decrease. Hence an operator's policy should not be NotFound should decrease. Hence an operator's policy should not be
overly strict, preferring Valid announcements, attaching a lower overly strict, preferring Valid announcements, attaching a lower
preference to, but still using, NotFound announcements, and giving preference to, but still using, NotFound announcements, and giving
very low preference to, but still using, Invalid announcements. very low preference to, but still using, Invalid announcements.
Some may choose to use the large Local-Preference hammer. Others Some may choose to use the large Local-Preference hammer. Others
might choose to let AS-Path rule and set their internal metric, which might choose to let AS-Path rule and set their internal metric, which
comes after AS-Path in the BGP decision process. comes after AS-Path in the BGP decision process.
When using a metric which is also influenced by other local policy,
the operator should be careful not to create privilege upgrade
vulnerabilities. E.g. if Local Pref is set depending on validity
state, be careful that peer community signaling can not upgrade an
invalid announcement to valid or better.
Announcements with Valid origins SHOULD be preferred over those with Announcements with Valid origins SHOULD be preferred over those with
NotFound or Invalid origins. NotFound or Invalid origins.
Announcements with NotFound origins SHOULD be preferred over those Announcements with NotFound origins SHOULD be preferred over those
with Invalid origins. with Invalid origins.
Announcements with Invalid origins MAY be used, but SHOULD be less Announcements with Invalid origins MAY be used, but SHOULD be less
preferred than those with Valid or NotFound. preferred than those with Valid or NotFound.
6. Notes 6. Notes
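Review bot: the paragraph added at the end of Section 5 ("When using a metric which is also influenced by other local policy ...") names the privilege-upgrade risk but gives the operator no rule for avoiding it, and it switches from the "Local-Preference" wording of the preceding paragraph to "Local Pref". Consider stating the concrete safeguard, for example that the validity-based preference is set in a policy step evaluated after any peer-community-driven preference changes, or that the community-to-preference mappings offered to peers are capped below the value reserved for Valid routes, so that a received community cannot raise an Invalid or NotFound announcement above a Valid one. Minor: "can not" should be "cannot", and a sentence beginning "E.g. if Local Pref is set ..." reads better in RFC style as "For example, if Local-Preference is set ...".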
skipping to change at page 6, line 8 skipping to change at page 6, line 16
As the BGP origin is not signed, origin validation is open to As the BGP origin is not signed, origin validation is open to
malicious spoofing. It is only designed to deal with inadvertent malicious spoofing. It is only designed to deal with inadvertent
mis-advertisement. mis-advertisement.
Origin validation does nothing about AS-Path validation and therefore Origin validation does nothing about AS-Path validation and therefore
is open to monkey in the middle path attacks. is open to monkey in the middle path attacks.
The data plane may not follow the control plane. The data plane may not follow the control plane.
Be aware of the class of privilege escalation issues discussed in
Section 5 above.
8. IANA Considerations 8. IANA Considerations
This document has no IANA Considerations. This document has no IANA Considerations.
9. Acknowledgments 9. Acknowledgments
The author wishes to thank Rob Austein, Steve Bellovin, Pradosh The author wishes to thank Rob Austein, Steve Bellovin, Pradosh
Mohapatra, Chris Morrow, Keyur Patel, Heather and Jason Schiller, Mohapatra, Chris Morrow, Keyur Patel, Heather and Jason Schiller,
John Scudder, Maureen Stillman, and Dave Ward. John Scudder, Maureen Stillman, and Dave Ward.
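Review bot: the sentence added to Section 7, "Be aware of the class of privilege escalation issues discussed in Section 5 above.", says "privilege escalation" where Section 5 says "privilege upgrade vulnerabilities"; use one term in both places. It also refers the reader back without saying what the issue is; a short summary here (that peer community signaling must not be able to raise the preference of an Invalid or NotFound announcement above a Valid one) would let the Security Considerations section stand on its own, which is how it is usually read.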
End of changes. 6 change blocks. 5 lines changed or deleted, 14 lines changed or added.
This html diff was produced by rfcdiff 1.40. The latest version is available from http://tools.ietf.org/tools/rfcdiff/