US NIST US NIST This document enumerates different types of route leaks based on observed events on the Internet. It illustrates how BGPSEC in its current form (as described in draft-ietf-sidr-bgpsec-protocol-09) already provides protection against all but one of these route-leaks scenarios. The document further discusses a design enhancement to the BGPSEC protocol that will extend protection against this one remaining type of route-leak attack as well. With the inclusion of this enhancement, BGPSEC is expected to provide protection against all types of route-leaks. The document also includes a stopgap method for detection and mitigation of route leaks for the phase when BGPSEC (path validation) is not yet deployed but only origin validation is deployed.