North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)

  • From: Randy Bush
  • Date: Tue Nov 22 17:00:47 2005

[ you know all this, but i think it is worth going through the
  exercise ]

> That said, I think the problem is that we need an algebra of trust
> that will let a program, not a human, decide whether or not to trust a
> certficate.  You don't want to accept something if it's a twisty loop
> of subsidiaries or allied evil ASs vouching for each other.  OTOH,
> there are some situations where we know that absolute trust is
> indicated -- say, 701 signing 702's certificate, or an upstream
> signing the address certificate for a customer.

> And it's not just honesty, it's competence you're assessing -- we've
> all seen problems when major ISPs didn't get their filters
> straight.

not exactly.  there are two trusts here.  i have to accept that
asns as incompetent at configuration as i are attesting to prefixes
and paths or i won't be able to get to a large part of the net.

but this is orthogonal to my trust in their competence to attest to
the identity of other asns by cross-signing others' certs.  i could
have a business relationship with an asn whose routing competence i

the bottom line is which would i trust more in the latter sense, an
asn cert signed by an external hierarchy or a cert signed by one or
more of 70x, 1239, 2914, ...?

it seems more natural if the identity trust is congruent with the
trust of business relationships.  a similar reason for my prefering
sbgp-like architectures, the attestation model is congruent with
the routing model.

it turns out most folk have a business relationsip with an rir.
but some don't, e.g. jis.  and those who do not have become very
worried about their ability to route on the internet being at the
mercy of organizations some of which have specifically said that
legacy cert renewal would be tied directly to the isp or entity
paying the rir as if they had gotten the legacy address space from
the rir (i think i have sensed some backing off from this rather
extreme position).  but the point is that some folk are not happy
with their identity being controlled by an external party with no
skin in the game with whom they would otherwise have no

[ before you say it, i have suggested that a pseudo-rir be created
  for legacy asns and prefixes ]

in particular, i have a business relationship with 1239 and 2914,
but no business relationship with ripe.  should i trust ripe's
signing the identity of anja's asn more or less than 666 signing it
and 666's identity being attested to by 1239 and 701, the latter
likely being cross-signed by 1239 and 2914?

> Furthermore, given that a trust algebra may yield a trust value,
> rather than a simple 0/1, is it reasonable to use that assessment
> as a BGP preference selector?  That would tie the security very
> deeply -- too deeply? -- into BGP's guts.

i am aware of other research proposals where routing trust is
ordinal or even real depending on various distances.