Difference between revisions of "P2pbgpsec"
| Line 8: | Line 8: | ||
<i>wiki page for participants of p2p-sec mailing list: https://lists.puscii.nl/wws/arc/p2p-sec </i> | <i>wiki page for participants of p2p-sec mailing list: https://lists.puscii.nl/wws/arc/p2p-sec </i> | ||
| − | ''' | + | '''Objectives''' |
<br> | <br> | ||
* to contribute to creation and implementation of the distributed/decentralized (web-of-trust) BGP security. | * to contribute to creation and implementation of the distributed/decentralized (web-of-trust) BGP security. | ||
| Line 17: | Line 17: | ||
'''Problem statements''' | '''Problem statements''' | ||
<br> | <br> | ||
| − | * Internet Governance view: excellent summary by Milton Mueller, Brenden Kuerbis. (2010,09).<br> <i>"Building a new governance hierarchy: RPKI and the future of Internet routing | + | * <b>Internet Governance view</b>: |
| + | ** excellent summary by Milton Mueller, Brenden Kuerbis. (2010,09).<br> <i>"Building a new governance hierarchy: RPKI and the future of Internet routing | ||
and addressing.</i> | and addressing.</i> | ||
Retrieved from Internet Governance Project: | Retrieved from Internet Governance Project: | ||
http://internetgovernance.org/pdf/RPKI-VilniusIGPfinal.pdf | http://internetgovernance.org/pdf/RPKI-VilniusIGPfinal.pdf | ||
| − | * <i>"Negotiating a New Governance Hierarchy: An Analysis of the | + | ** <i>"Negotiating a New Governance Hierarchy: An Analysis of the |
Conflicting Incentives to Secure Internet Routing" </i><br> | Conflicting Incentives to Secure Internet Routing" </i><br> | ||
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2021835 | http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2021835 | ||
| − | * Techical view: How broken is SSL: | + | * <b>Techical view</b>: |
| − | + | ||
| + | ** How broken is SSL: a talk by Moxie Marlinspike: "SSL And The Future Of Authenticity" at Defcon 2011: | ||
http://www.youtube.com/watch?v=Z7Wl2FW2TcA | http://www.youtube.com/watch?v=Z7Wl2FW2TcA | ||
| Line 46: | Line 48: | ||
* http://convergence.io/ | * http://convergence.io/ | ||
* Soveregn Keys, Peter Eckersley from EFF [http://mirror.fem-net.de/CCC/28C3/mp4-h264-HQ/28c3-4798-en-sovereign_keys_h264.mp4 mp4 HQ][http://mirror.fem-net.de/CCC/28C3/mp4-h264-LQ/28c3-4798-en-sovereign_keys_h264-iprod.mp4 mp4 LQ] | * Soveregn Keys, Peter Eckersley from EFF [http://mirror.fem-net.de/CCC/28C3/mp4-h264-HQ/28c3-4798-en-sovereign_keys_h264.mp4 mp4 HQ][http://mirror.fem-net.de/CCC/28C3/mp4-h264-LQ/28c3-4798-en-sovereign_keys_h264-iprod.mp4 mp4 LQ] | ||
| + | https://www.eff.org/deeplinks/2011/11/sovereign-keys-proposal-make-https-and-email-more-secure | ||
| + | |||
* [[P2pbgpsec Proposal TBO|"Trusted BGP Observers, an extension to RPKI"]] | * [[P2pbgpsec Proposal TBO|"Trusted BGP Observers, an extension to RPKI"]] | ||
| Line 57: | Line 61: | ||
Public discussion in European region: (articles, mailing lists, links) | Public discussion in European region: (articles, mailing lists, links) | ||
http://www.ripe.net/lir-services/resource-management/certification/community-development | http://www.ripe.net/lir-services/resource-management/certification/community-development | ||
| + | |||
| + | '''In the news:''' | ||
| + | * Malcolm Hutty, from London Internet Exchange: | ||
| + | https://publicaffairs.linx.net/news/?p=6118 | ||
| + | |||
| + | * | ||
| + | http://www.circleid.com/posts/20111103_ripe_members_vote_to_continue_rpki_wo | ||
| + | rk/ | ||
| + | * | ||
Revision as of 11:14, 31 August 2012
| Projects | |
|---|---|
| Participants | |
| Skills | |
| Status | Planning |
| Niche | Software |
| Purpose | Infrastructure |
Peer 2 Peer BGP Security
wiki page for participants of p2p-sec mailing list: https://lists.puscii.nl/wws/arc/p2p-sec
Objectives
- to contribute to creation and implementation of the distributed/decentralized (web-of-trust) BGP security.
- to create connections between people who share simmilar concerns about the upcoming introduction of hierarchical BGP-security structures, based on PKI/X.509 technology
- to provide space for disscussion & exchange of opinions, news, materials
- to co-ordinate the efforts among various groups that work on the above topics
Problem statements
- Internet Governance view:
- excellent summary by Milton Mueller, Brenden Kuerbis. (2010,09).
"Building a new governance hierarchy: RPKI and the future of Internet routing
- excellent summary by Milton Mueller, Brenden Kuerbis. (2010,09).
and addressing. Retrieved from Internet Governance Project: http://internetgovernance.org/pdf/RPKI-VilniusIGPfinal.pdf
- "Negotiating a New Governance Hierarchy: An Analysis of the
Conflicting Incentives to Secure Internet Routing"
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2021835
- Techical view:
- How broken is SSL: a talk by Moxie Marlinspike: "SSL And The Future Of Authenticity" at Defcon 2011:
http://www.youtube.com/watch?v=Z7Wl2FW2TcA
- Basic threat scenario: Man in the Middle attack / prefix hijacking,
presented at Defcon, 2008, by Pilosov/Kapela: http://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-pilosov-kapela.pdf
- Enisa report on the routing security: :
- Jeroen Massar's presentaton on Routing Security
Possble alternative technical approaches
- "trust agility", a talk by Moxie Marlinspike: "SSL And The Future Of Authenticity" at Defcon 2011:
http://www.youtube.com/watch?v=Z7Wl2FW2TcA
- http://convergence.io/
- Soveregn Keys, Peter Eckersley from EFF mp4 HQmp4 LQ
https://www.eff.org/deeplinks/2011/11/sovereign-keys-proposal-make-https-and-email-more-secure
Current solution: RPKI & sBGP
- Software: http://www.rpki.net/
- IETF wg: SIDR (secure InterDomain Routing)
Public discussion in European region: (articles, mailing lists, links)
http://www.ripe.net/lir-services/resource-management/certification/community-development
In the news:
- Malcolm Hutty, from London Internet Exchange:
https://publicaffairs.linx.net/news/?p=6118
http://www.circleid.com/posts/20111103_ripe_members_vote_to_continue_rpki_wo rk/
