[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Routing Insecurity (Re: BGP in the Washington Post)

Subject: Routing Insecurity (Re: BGP in the Washington Post)
From: rdobbins at arbor.net (Roland Dobbins)
Date: Wed, 03 Jun 2015 15:27:51 +0700
In-reply-to: <CAGvYMCrvPEBXv+P0no3DZ+uKBuvObemz=b0EfaR7=M9xxva82w@mail.gmail.com>
References: <17689457.2434.1433171075960.JavaMail.mhammett@ThunderFuck> <[email protected]> <CAD6AjGQWs-aKD8axgiRyaYXPB564MswKZsuaOUhjUn--KJXuUg@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <CAGvYMCrvPEBXv+P0no3DZ+uKBuvObemz=b0EfaR7=M9xxva82w@mail.gmail.com>

On 3 Jun 2015, at 9:04, Ethan Katz-Bassett wrote:

> The same folks also followed up that workshop paper with a longer 
> paper on
> the topic:
> https://www.cs.bu.edu/~goldbe/papers/sigRPKI.pdf

Thanks to you and to Dale Carter - I was unaware of these papers.

Nonetheless, the risk remains of authorities interfering with the BGP as 
they've interfered with the DNS.

I'm very cognizant of the non-trivial effects of route-hijacking, having 
been involved in helping get a few of them resolved.  Nonetheless, my 
natural skepticism leads me to wonder whether we aren't better off with 
the problematic, error-prone system we have (not to mention the 
enumeration and enhanced DDoS impact of packeting routers doing crypto 
for their BGP sessions and which aren't protected via iACLs/GTSM).

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

Follow-Ups:
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: david at mandelberg.org (David Mandelberg)

References:
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: nanog at ics-il.net (Mike Hammett)
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: mark.tinka at seacom.mu (Mark Tinka)
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: cb.list6 at gmail.com (Ca By)
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: marka at isc.org (Mark Andrews)
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: rdobbins at arbor.net (Roland Dobbins)
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: dwcarder at wisc.edu (Dale W. Carder)
- Routing Insecurity (Re: BGP in the Washington Post)
  - From: ethan at cs.washington.edu (Ethan Katz-Bassett)

Prev by Date: BGP in the Washngton Post
Next by Date: AWS Elastic IP architecture
Previous by thread: Routing Insecurity (Re: BGP in the Washington Post)
Next by thread: Routing Insecurity (Re: BGP in the Washington Post)
Index(es):
- Date
- Thread