Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

[802SEC] FW: [New-work] WG Review: Secure Inter-Domain Routing (sidr)



WG Chairs,

This new IETF working group may be of interest to members of your
working group.  Forward to them as appropriate.

Paul 

-----Original Message-----
From: new-work-bounces@ietf.org [mailto:new-work-bounces@ietf.org] On
Behalf Of IESG Secretary
Sent: Wednesday, February 08, 2006 11:59 AM
To: new-work@ietf.org
Subject: [New-work] WG Review: Secure Inter-Domain Routing (sidr) 

A new IETF working group has been proposed in the Routing Area.  The
IESG has not made any determination as yet.  The following draft charter
was submitted, and is provided for informational purposes only.  Please
send your comments to the IESG mailing list (iesg@ietf.org) by February
15th.

+++

Secure Inter-Domain Routing (sidr)
====================================

Current Status: Proposed Working Group

Chair(s):
TBD

Routing Area Director(s):
Bill Fenner <fenner at research.att.com> Alex Zinin <zinin at psg.com>

Routing Area Advisor:
TBD

Other Advisors:
Security: TBD
Routing: TBD

Mailing Lists:
General Discussion: sidr at ietf.org
To Subscribe: sidr-request at ietf.org
In Body: (un)subscribe
Archive: http://www.ietf.org/mail-archive/web/sidr/index.html

Description of Working Group:

One of the areas of vulnerability for large scale Internet environments
lies in the area of inter-domain routing. The basic security questions
that can be posed regarding routing information are whether the
originating Autonomous System is authorized to advertise an address
prefix by the holder of that prefix, whether the originating AS is
accurately identified by the originating Autonomous System Number in the
advertisement, and the validity of both the address prefix and the
Autonomous System Number. A related question concerns the level of trust
than can be ascribed to attributes of a route object in terms of their
authenticity, including consideration of the AS Path attribute.

The Routing Protocol Security Group (RPSEC) has been chartered to
document the security requirements for routing systems, and, in
particular, to produce a document on BGP security requirements.

The scope of work in the SIDR working group is to formulate an
extensible architecture for an interdomain routing security framework.
This framework must be capable of supporting incremental additions of
functional components. As and when interdomain routing security
requirements are completed within the RPSEC Working Group, these
requirements will be defined within the SIDR framework as functional
components of a secure interdomain routing system.

The scope of work will include describing the use of certification
objects for supporting the distribution of authorization and
authentication information. Both hierarchic and distributed non-
hierarchic trust systems are intended to be supported within this
framework. The intended support of both forms of trust models is to
allow for the use of this framework for routing security in diverse
routing environments that have different underlying trust
characteristics.

The scope of work is limited to inter-domain router-to-router protocols
only, for both unicast and multicast systems.

The SIDR working group is charged with the following tasks:

- Document an extensible interdomain routing security architecture

- Document the use of certification objects within this secure routing
architecture

- Document specific routing functionality modules within this
architecture that are designed to address specific secure routing
requirements as they are determined by the RPSEC Working Group


Goals and Milestones:

Aug-06 Submit initial draft on inter-domain routing security
architecture

Sep-06 Submit initial draft on certificate objects to be used within
this architecture

Sep-06 Submit initial draft on securing origination of routing
information

Jan-07 Submit routing security architecture for publication as an
Informational RFC

Mar-07 Submit description of use certificate objects by this
architecture as an Informational RFC

Apr-07 Submit secure origination mechanism as a Proposed Standard

May-07 Evaluate progress, recharter with new goals or shutdown.


_______________________________________________
New-work mailing list
New-work@ietf.org
https://www1.ietf.org/mailman/listinfo/new-work

----------
This email is sent from the 802 Executive Committee email reflector.  This list is maintained by Listserv.