P2pbgpsec

From Technologia Incognita
Revision as of 23:12, 6 March 2012 by Dreamer (talk | contribs)
Jump to: navigation, search
Projects
Participants
Skills
Status Planning
Niche Software
Purpose Infrastructure

Peer 2 Peer BGP Security

wiki page for participants of p2p-sec mailing list: https://lists.puscii.nl/wws/arc/p2p-sec

Objective

  • to contribute to creation and implementation of the distributed/decentralized (web-of-trust) BGP security.
  • to create connections between people who share simmilar concerns about the upcoming introduction of hierarchical BGP-security structures, based on PKI/X.509 technology
  • to provide space for disscussion & exchange of opinions, news, materials
  • to co-ordinate the efforts among various groups that work on the above topics

Problem statements

  • Internet Governance view: excellent summary by Milton Mueller:

"Building a new governance hierarchy" http://internetgovernance.org/pdf/RPKI-VilniusIGPfinal.pdf

  • Techical view: How broken is SSL:
    • a talk by Moxie Marlinspike: "SSL And The Future Of Authenticity" at Defcon 2011:

http://www.youtube.com/watch?v=Z7Wl2FW2TcA

    • Basic threat scenario: Man in the Middle attack / prefix hijacking,

presented at Defcon, 2008, by Pilosov/Kapela: http://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-pilosov-kapela.pdf

    • Enisa report on the routing security: :

http://www.enisa.europa.eu/act/res/technologies/tech/routing/state-of-the-art-deployment-and-impact-on-network-resilience

    • Jeroen Massar's presentaton on Routing Security

http://www.swinog.ch/meetings/swinog21/p/14_SwiNOG21%20-%20Security,%20DDOS%20Mitigation,%20AntiSpam.ppt

Possble alternative technical approaches

  • "trust agility", a talk by Moxie Marlinspike: "SSL And The Future Of Authenticity" at Defcon 2011:

http://www.youtube.com/watch?v=Z7Wl2FW2TcA


Current solution: RPKI & sBGP


Public discussion in European region: (articles, mailing lists, links) http://www.ripe.net/lir-services/resource-management/certification/community-development