do not filter your customers

Steven Bellovin smb at
Fri Feb 24 22:04:43 UTC 2012

On Feb 24, 2012, at 2:26 14PM, Danny McPherson wrote:

> On Feb 24, 2012, at 1:10 PM, Steven Bellovin wrote:
>> But just because we can't solve the whole problem, does that
>> mean we shouldn't solve any of it?
> Nope, we most certainly should decompose the problem into 
> addressable elements, that's core to engineering and operations.
> However, simply because the currently envisaged solution 
> doesn't solve this problem doesn't mean we shouldn't 
> acknowledge it exists.
> The IETF's BGP security threats document [1]  "describes a threat 
> model for BGP path security", which constrains itself to the 
> carefully worded SIDR WG charter, which addresses route origin 
> authorization and AS_PATH "semantics" -- i.e., this "leak" 
> problem is expressly out of scope of a threats document
> discussing BGP path security - eh? 
> How the heck we can talk about BGP path security and not 
> consider this incident a threat is beyond me, particularly when it 
> happens by accident all the time.  How we can justify putting all 
> that BGPSEC and RPKI machinery in place and not address this 
> "leak" issue somewhere in the mix is, err.., telling.

I repeat -- we're in violent agreement that route leaks are
a serious problem.  No one involved in BGPSEC -- not me, not Randy,
not anyone -- disagrees.  Give us an actionable definition and
we'll try to build a defense.  Right now, we have nothing better
than what Justice Potter Stewart once said in an opinion: "I shall 
not today attempt further to define the kinds of material I 
understand to be embraced within that shorthand description 
["hard-core pornography"]; and perhaps I could never succeed 
in intelligibly doing so. But I know it when I see it..."

Again -- *please* give us a definition.

		--Steve Bellovin,

P.S. It was routing problems, including leaks between RIP and either
EIGRP or OSPF (it's been >20 years; I just don't remember), that got
me involved in Internet security in the first place.  I really do
understand the issue.

More information about the NANOG mailing list