[sig-routing] prop-059: Using the Resource Public Key Infrastructure to

  • To: APNIC Routing SIG <sig-routing at lists dot apnic dot net>
  • Subject: [sig-routing] prop-059: Using the Resource Public Key Infrastructure to construct validated IRR data
  • From: Philip Smith <pfs at cisco dot com>
  • Date: Thu, 03 Apr 2008 21:34:08 +1000
  • Authentication-results: syd-dkim-1; header.From=pfs@cisco.com; dkim=pass ( sig from cisco.com/syddkim1002 verified; );
  • Delivered-to: sig-routing at mailman dot apnic dot net
  • List-archive: <http://mailman.apnic.net/mailing-lists/sig-routing>
  • List-help: <mailto:sig-routing-request@lists.apnic.net?subject=help>
  • List-id: APNIC SIG on IP routing technology and policy issues <sig-routing.lists.apnic.net>
  • List-post: <mailto:sig-routing@lists.apnic.net>
  • List-subscribe: <http://mailman.apnic.net/mailman/listinfo/sig-routing>, <mailto:sig-routing-request@lists.apnic.net?subject=subscribe>
  • List-unsubscribe: <http://mailman.apnic.net/mailman/listinfo/sig-routing>, <mailto:sig-routing-request@lists.apnic.net?subject=unsubscribe>
  • Organization: Cisco Systems
  • Reply-to: sig-routing@lists.apnic.net
  • User-agent: Thunderbird 2.0.0.12 (Macintosh/20080213)
    • Dear SIG members
      
      The proposal 'Using the Resource Public Key Infrastructure to construct
      validated IRR data' has been sent to the Routing SIG for review. It will
      be presented at the Routing SIG at APNIC 26 in Christchurch, New
      Zealand, 25-29 August 2008.
      
      The proposal's history can be found at:
      
                http://www.apnic.net/policy/proposals/prop-059-v001.html
      
      We invite you to review and comment on the proposal on the mailing list
      before the meeting.
      
      The comment period on the mailing list before an APNIC meeting is an
      important part of the policy development process. We encourage you to
      express your views on the proposal:
      
           - Do you support or oppose this proposal?
      
           - Does this proposal solve a problem you are experiencing? If so,
             tell the community about your situation.
      
           - Do you see any disadvantages in this proposal?
      
           - Is there anything in the proposal that is not clear?
      
           - What changes could be made to this proposal to make it more
             effective?
      
      
      Philip Smith
      Routing SIG Chair
      --
      
      ________________________________________________________________________
      
      prop-059-v001: Using the Resource Public Key Infrastructure to
                      construct validated IRR data
      ________________________________________________________________________
      
      
      Author:    Randy Bush
      
      Version:   1
      
      Date:      31 March 2008
      
      
      1.  Introduction
      ----------------
      
      This is a proposal to introduce a new registry that augments Internet
      Routing Registry (IRR) data with the formally verifiable trust model of
      the Resource Public Key Infrastructure (RPKI) and provide ISPs with the
      tools to generate an overlay to the IRR which is much more strongly
      trustable.
      
      
      2.  Summary of current problem
      ------------------------------
      
      The current methods for adding or updating Internet Routing Registry
      (IRR) data have weak security, and lack an inherently formally
      verifiable structure, resulting in a low level of trust in IRR data.
      
      To address the problem of this low level of trust in IRR data, there
      have been proposals to use Resource Public Key Infrastructure (RPKI) to
      sign IRR data. The problem with most of the proposed schemes, however,
      is that they are conceptually weak and hard to implement due to the
      differences between the trust structures of the IRR and the RPKI.
      
      More recently, however, Ruediger Volk has described a very simple method
      of using the RPKI that involves no change to the IRR, software that uses
      the IRR, or the RPKI.
      
      This is a proposal to implement Ruediger Volk's idea to strengthen the
      operators' use of data in the global IRR.
      
      
      3.   Situation in other RIRs
      ----------------------------
      
      This proposal has yet to be made in any other RIR.
      
      
      4.   Details of the proposal
      ----------------------------
      
      It is proposed that:
      
      4.1 APNIC publish a new IRR that contains 'route' objects generated from
           Route Origin Authorizations (ROAs) in the RPKI.
      
           - This new IRR would accept 'route' objects generated from the
             global RPKI, and would therefore cover the entire routing space,
             in so much as the RPKI covers the global space.
      
           - Operators who use the IRR to generate routing filters can choose
             to put this new IRR registry logically in front of the other
             registries. Operators can then given preference to routing origin
             information that can be formally validated.
      
           - This new registry would be made available as an IRR publication
             point.
      
      
      4.2 APNIC publish an open source tool that enables network operators to
           generate their own overlay IRR publication points themselves.
      
           - Such generated IRR publication points should be identical to the
             one generated and made available by APNIC.
      
           - Producing overlay IRR publication points allows security
             conscious operators to have a more formal trust model that
             prevents attacks on the IRR segment generated and served by
             APNIC.
      
      
      5.   Advantages and disadvantages of the proposal
      -------------------------------------------------
      
      Advantages:
      
      - Router filters would be more reliable as they would prefer RPKI
         validated origins, where available, rather than those not validated
         in the RPKI.
      
         ISPs would achieve this by configuring tools that automatically
         generate router filters to give priority to the IRR publication point
         of the new registry based on RPKI-signed objects.
      
      - The community will have an enhanced ability to filter BGP peer
         prefixes at no additional cost or changes to the data or tool bases.
         This would increase the reliability of the global routing system.
      
      - This new IRR publication point would be much simpler than other
         current ideas about how to use RPKI in conjunction with IRR data.
      
      - This proposal requires no changes to RPSL, the IRR, IRR toolsets, or
         the RPKI.
      
      
      Disadvantages:
      
      - None are known.
      
      
      6.   Effect on APNIC members
      ----------------------------
      
      See 'Advantages' above.
      
      
      7.   Effect on NIRs
      -------------------
      
      None are known.
      
      
      
      <end>