draft-ietf-sidr-origin-validation-signaling-09.txt   draft-ietf-sidr-origin-validation-signaling-10.txt 
SIDR P. Mohapatra SIDR P. Mohapatra
Internet-Draft Sproute Networks Internet-Draft Sproute Networks
Intended status: Standards Track K. Patel Intended status: Standards Track K. Patel
Expires: December 29, 2016 Cisco Expires: June 3, 2017 Cisco
J. Scudder J. Scudder
Juniper Networks Juniper Networks
D. Ward D. Ward
Cisco Cisco
R. Bush R. Bush
Internet Initiative Japan, Inc. Internet Initiative Japan, Inc.
June 27, 2016 November 30, 2016
BGP Prefix Origin Validation State Extended Community BGP Prefix Origin Validation State Extended Community
draft-ietf-sidr-origin-validation-signaling-09 draft-ietf-sidr-origin-validation-signaling-10
Abstract Abstract
This document defines a new BGP opaque extended community to carry This document defines a new BGP opaque extended community to carry
the origination AS validation state inside an autonomous system. the origination AS validation state inside an autonomous system.
IBGP speakers that receive this validation state can configure local IBGP speakers that receive this validation state can configure local
policies allowing it to influence their decision process. policies allowing it to influence their decision process.
Status of This Memo Status of This Memo
skipping to change at page 1, line 40 skipping to change at page 1, line 40
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 29, 2016. This Internet-Draft will expire on June 3, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 4, line 22 skipping to change at page 4, line 22
this document. this document.
5. IANA Considerations 5. IANA Considerations
IANA has assigned the value 0x00 from the "Non-Transitive Opaque IANA has assigned the value 0x00 from the "Non-Transitive Opaque
Extended Community Sub-Types" registry. The value is called "BGP Extended Community Sub-Types" registry. The value is called "BGP
Origin Validation State Extended Community". Origin Validation State Extended Community".
6. Security Considerations 6. Security Considerations
This document introduces no new security concerns beyond what is Security considerations such as those described in [RFC4272] continue
described in [RFC6811]. to apply. Since this document introduces an extended community that
will generally be used to affect route selection, the analysis in
Section 4.5 ("Falsification") of [RFC4593] is relevant. These issues
are neither new, nor unique to the origin validation extended
community.
The security considerations provided in [RFC6811] apply equally to
this application of origin validation. In addition, this document
describes a scheme where router A outsources validation to some
router B. If this scheme is used, the participating routers should
have the appropriate trust relationship -- B should trust A either
because they are under the same administrative control or for some
other reason (for example, consider
[I-D.ietf-sidr-route-server-rpki-light]). The security properties of
the propagation path between the two routers should also be
considered. See [RFC7454] Section 5.1 for advice regarding
protection of the propagation path.
7. References 7. References
7.1. Normative References 7.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
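Review bot: In the added second paragraph of Section 6, the trust direction reads inverted. The text says "router A outsources validation to some router B", which makes A the router acting on B's result, yet the next sentence says "B should trust A". If A is the consumer of the validation state, this should read "A should trust B"; if the letters are intended as written, add a clause naming which router attaches the extended community and which one acts on it. It is also worth stating whether the lower-case "should" in "should have the appropriate trust relationship" is meant in the RFC 2119 sense, since [RFC2119] is listed as a normative reference.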
skipping to change at page 4, line 48 skipping to change at page 5, line 19
[RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended [RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
Communities Attribute", RFC 4360, DOI 10.17487/RFC4360, Communities Attribute", RFC 4360, DOI 10.17487/RFC4360,
February 2006, <http://www.rfc-editor.org/info/rfc4360>. February 2006, <http://www.rfc-editor.org/info/rfc4360>.
[RFC6811] Mohapatra, P., Scudder, J., Ward, D., Bush, R., and R. [RFC6811] Mohapatra, P., Scudder, J., Ward, D., Bush, R., and R.
Austein, "BGP Prefix Origin Validation", RFC 6811, Austein, "BGP Prefix Origin Validation", RFC 6811,
DOI 10.17487/RFC6811, January 2013, DOI 10.17487/RFC6811, January 2013,
<http://www.rfc-editor.org/info/rfc6811>. <http://www.rfc-editor.org/info/rfc6811>.
[RFC7606] Chen, E., Ed., Scudder, J., Ed., Mohapatra, P., and K.
Patel, "Revised Error Handling for BGP UPDATE Messages",
RFC 7606, DOI 10.17487/RFC7606, August 2015,
<http://www.rfc-editor.org/info/rfc7606>.
7.2. Informative References 7.2. Informative References
[I-D.ietf-sidr-route-server-rpki-light] [I-D.ietf-sidr-route-server-rpki-light]
King, T., Kopp, D., Lambrianidis, A., and A. Fenioux, King, T., Kopp, D., Lambrianidis, A., and A. Fenioux,
"Signaling Prefix Origin Validation Results from a Route- "Signaling Prefix Origin Validation Results from a Route-
Server to Peers", draft-ietf-sidr-route-server-rpki- Server to Peers", draft-ietf-sidr-route-server-rpki-
light-00 (work in progress), June 2016. light-00 (work in progress), June 2016.
[RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis",
RFC 4272, DOI 10.17487/RFC4272, January 2006,
<http://www.rfc-editor.org/info/rfc4272>.
[RFC4593] Barbir, A., Murphy, S., and Y. Yang, "Generic Threats to
Routing Protocols", RFC 4593, DOI 10.17487/RFC4593,
October 2006, <http://www.rfc-editor.org/info/rfc4593>.
[RFC7454] Durand, J., Pepelnjak, I., and G. Doering, "BGP Operations
and Security", BCP 194, RFC 7454, DOI 10.17487/RFC7454,
February 2015, <http://www.rfc-editor.org/info/rfc7454>.
[RFC7606] Chen, E., Ed., Scudder, J., Ed., Mohapatra, P., and K.
Patel, "Revised Error Handling for BGP UPDATE Messages",
RFC 7606, DOI 10.17487/RFC7606, August 2015,
<http://www.rfc-editor.org/info/rfc7606>.
Authors' Addresses Authors' Addresses
Pradosh Mohapatra Pradosh Mohapatra
Sproute Networks Sproute Networks
Email: mpradosh@yahoo.com Email: mpradosh@yahoo.com
Keyur Patel Keyur Patel
Cisco Cisco
170 W. Tasman Drive 170 W. Tasman Drive
San Jose, CA 95124 San Jose, CA 95124
Email: keyupate@cisco.com Email: keyupate@cisco.com
John Scudder John Scudder
Juniper Networks Juniper Networks
1194 N. Mathilda Ave 1194 N. Mathilda Ave
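Review bot: [RFC7606] moves from 7.1 Normative References to 7.2 Informative References, but none of the changed text shown in this diff cites it, so the downgrade cannot be checked here. If the body depends on RFC 7606 for required error-handling behaviour, the reference needs to stay normative; otherwise a one-line changelog entry explaining the move would help reviewers. The three new informative entries, [RFC4272], [RFC4593] and [RFC7454], each match a citation in the new Section 6 text, so those additions are consistent.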
 End of changes. 8 change blocks. 
12 lines changed or deleted 39 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/