BGPsec Protocol Specification
RFC 8205
Document | Type |
RFC - Proposed Standard
(September 2017; No errata)
Updated by RFC 8206
|
|
---|---|---|---|
Authors | Matt Lepinski , Kotikalapudi Sriram | ||
Last updated | 2017-09-27 | ||
Replaces | draft-lepinski-bgpsec-protocol | ||
Stream | IETF | ||
Formats | plain text html pdf htmlized bibtex | ||
Reviews | |||
Stream | WG state | Submitted to IESG for Publication | |
Document shepherd | Matthias Wählisch | ||
Shepherd write-up | Show (last changed 2016-06-23) | ||
IESG | IESG state | RFC 8205 (Proposed Standard) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Yes | ||
Telechat date | |||
Responsible AD | Alvaro Retana | ||
Send notices to | "Matthias Waehlisch" <m.waehlisch@fu-berlin.de>, aretana@cisco.com | ||
IANA | IANA review state | Version Changed - Review Needed | |
IANA action state | RFC-Ed-Ack |
Internet Engineering Task Force (IETF) M. Lepinski, Ed. Request for Comments: 8205 NCF Category: Standards Track K. Sriram, Ed. ISSN: 2070-1721 NIST September 2017 BGPsec Protocol Specification Abstract This document describes BGPsec, an extension to the Border Gateway Protocol (BGP) that provides security for the path of Autonomous Systems (ASes) through which a BGP UPDATE message passes. BGPsec is implemented via an optional non-transitive BGP path attribute that carries digital signatures produced by each AS that propagates the UPDATE message. The digital signatures provide confidence that every AS on the path of ASes listed in the UPDATE message has explicitly authorized the advertisement of the route. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8205. Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Lepinski & Sriram Standards Track [Page 1] RFC 8205 BGPsec Protocol September 2017 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 2. BGPsec Negotiation . . . . . . . . . . . . . . . . . . . . . 3 2.1. The BGPsec Capability . . . . . . . . . . . . . . . . . . 4 2.2. Negotiating BGPsec Support . . . . . . . . . . . . . . . 5 3. The BGPsec_PATH Attribute . . . . . . . . . . . . . . . . . . 6 3.1. Secure_Path . . . . . . . . . . . . . . . . . . . . . . . 8 3.2. Signature_Block . . . . . . . . . . . . . . . . . . . . . 10 4. BGPsec UPDATE Messages . . . . . . . . . . . . . . . . . . . 11 4.1. General Guidance . . . . . . . . . . . . . . . . . . . . 11 4.2. Constructing the BGPsec_PATH Attribute . . . . . . . . . 14 4.3. Processing Instructions for Confederation Members . . . . 18 4.4. Reconstructing the AS_PATH Attribute . . . . . . . . . . 19 5. Processing a Received BGPsec UPDATE Message . . . . . . . . . 21 5.1. Overview of BGPsec Validation . . . . . . . . . . . . . . 22 5.2. Validation Algorithm . . . . . . . . . . . . . . . . . . 23 6. Algorithms and Extensibility . . . . . . . . . . . . . . . . 27 6.1. Algorithm Suite Considerations . . . . . . . . . . . . . 27 6.2. Considerations for the SKI Size . . . . . . . . . . . . . 28 6.3. Extensibility Considerations . . . . . . . . . . . . . . 28 7. Operations and Management Considerations . . . . . . . . . . 29 7.1. Capability Negotiation Failure . . . . . . . . . . . . . 29 7.2. Preventing Misuse of pCount=0 . . . . . . . . . . . . . . 29 7.3. Early Termination of Signature Verification . . . . . . . 30 7.4. Non-deterministic Signature Algorithms . . . . . . . . . 30 7.5. Private AS Numbers . . . . . . . . . . . . . . . . . . . 30 7.6. Robustness Considerations for Accessing RPKI Data . . . . 32 7.7. Graceful Restart . . . . . . . . . . . . . . . . . . . . 32 7.8. Robustness of Secret Random Number in ECDSA . . . . . . . 32 7.9. Incremental/Partial Deployment Considerations . . . . . . 33 8. Security Considerations . . . . . . . . . . . . . . . . . . . 33 8.1. Security Guarantees . . . . . . . . . . . . . . . . . . . 33 8.2. On the Removal of BGPsec Signatures . . . . . . . . . . . 34 8.3. Mitigation of Denial-of-Service Attacks . . . . . . . . . 36 8.4. Additional Security Considerations . . . . . . . . . . . 36 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 38Show full document text