nanog mailing list archives

Re: route ingress
From: "John A. Tamplin" <jat () traveller com>
Date: Tue, 6 Jan 1998 13:10:10 -0600 (CST)

On 6 Jan 1998, Sean M. Doran wrote:

This would be much easier if we had a bottom-up
hierarchical addressing structure rather than the 
current top-down one.

Consider the distribution of cryptographically
authenticated connectivity maps a la NIMROD or a 
multi-level LS protocol, for example, for path
authentication vs. how one would distribute and 
authenticate reachability information with the 
current addressing structure.

I don't understand how the current top-down allocation affects how that 
would be done.  As I see it (and I haven't spent any significant time
working on it, but it seems straightforward):
 1) ARIN/whoever signs an address allocation to an entity
 2) that entity signs route announcements to peers/upstreams, including
    who they are announced to
 3) readvertisements are signed by the advertiser

Any recipient of a route can verify that the address space was properly 
allocated by inspecting the address allocation certificate and verifying
the signature of the registry, and they can verify the path that 
advertisement has taken to get to where it is.  Thus no one can interject
a route to a network prefix that is not properly allocated, and someone 
cannot steal a route advertisement for someone else's prefix.  The biggest
problem with something like this is the size of the routing table in
memory (since you have to keep certificates around for readvertisements)
and in the bandwidth required for the updates.

I am not familiar with NIMROD, do you have a pointer to it?

John Tamplin                                    Traveller Information Services
jat () Traveller COM                            2104 West Ferry Way
205/883-4233x7007                               Huntsville, AL 35801
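
The three-step scheme outlined in the message above, sketched as an added example (not code from the thread or from any routing implementation). Assumptions: Lamport one-time signatures built from SHA-256 stand in for the unspecified public-key scheme, the recipient already trusts the registry key and a directory of AS keys (`as_pks`), prefixes are matched exactly, and the AS names and 192.0.2.0/24 are constructed sample values.

```python
import hashlib, os

# Lamport one-time signatures (stdlib only) stand in for the unspecified
# public-key scheme; a key must sign one message only, and the demo reuses none.
def H(b): return hashlib.sha256(b).digest()
def bits(m):
    d = H(m)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]
def sign(sk, m): return [sk[i][b] for i, b in enumerate(bits(m))]
def verify(pk, m, sig):
    return len(sig) == 256 and all(H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(m))))

def alloc_msg(prefix, holder): return f"alloc|{prefix}|{holder}".encode()
def hop_msg(prefix, path, to): return f"route|{prefix}|{'>'.join(path)}|to={to}".encode()

def allocate(reg_sk, prefix, holder):   # step 1: registry signs the allocation
    return {"prefix": prefix, "alloc": (holder, sign(reg_sk, alloc_msg(prefix, holder))), "hops": []}

def announce(sk, route, me, to):        # steps 2-3: sign the path so far plus the recipient
    path = [h[0] for h in route["hops"]] + [me]
    return {**route, "hops": route["hops"] + [(me, to, sign(sk, hop_msg(route["prefix"], path, to)))]}

def check(route, me, reg_pk, as_pks):   # run by the recipient `me`
    holder, sig = route["alloc"]
    if not verify(reg_pk, alloc_msg(route["prefix"], holder), sig):
        return "bad allocation"
    hops = route["hops"]
    if not hops or hops[0][0] != holder:
        return "origin is not the holder"
    for i, (by, to, sig) in enumerate(hops):
        nxt = hops[i + 1][0] if i + 1 < len(hops) else me
        if to != nxt:                   # each hop must name the AS that actually re-advertised
            return f"{by} announced to {to}, not {nxt}"
        path = [h[0] for h in hops[:i + 1]]
        if by not in as_pks or not verify(as_pks[by], hop_msg(route["prefix"], path, to), sig):
            return f"bad signature from {by}"
    return "ok"

def demo():
    # Constructed sample: AS-A holds the prefix, AS-B is its peer, AS-E is not.
    (rs, rp), (a_s, ap), (bs, bp), (es, ep) = (keygen() for _ in range(4))
    pks = {"AS-A": ap, "AS-B": bp, "AS-E": ep}
    r1 = announce(a_s, allocate(rs, "192.0.2.0/24", "AS-A"), "AS-A", "AS-B")
    good = announce(bs, r1, "AS-B", "AS-C")
    stolen = announce(es, r1, "AS-E", "AS-C")   # AS-E replays what was sent to AS-B
    forged = announce(keygen()[0], allocate(keygen()[0], "192.0.2.0/24", "AS-E"), "AS-E", "AS-C")
    return [check(r, "AS-C", rp, pks) for r in (good, stolen, forged)]
```

The `hops` list growing by one full signature per re-advertisement is the table-size and update-bandwidth cost the message points out.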


