Keying and Authentication for Routing Protocols
charter-ietf-karp-01

The KARP working group is tasked to work with the routing protocol
  working groups in order to improve the communication security of the
  packets on the wire used by the routing protocols. This working group is
  concerned with message authentication, packet integrity, and denial of
  service (DoS) protection. At present, this charter explicitly excludes
  confidentiality and non-repudiation concerns.
  
  Authenticating the routing peer sending a message, and message integrity
  protection, will be provided through the use of per-packet cryptographic
  message authentication. Peer authentication will protect against
  unrecognized peers, imposter peers, and some DoS attacks aimed at
  routers. Protecting against misbehavior of an otherwise allowed peer
  router is outside the scope of this working group.
  
  Many routing protocols (or groups of protocols) already have some
  method for accomplishing cryptographic message authentication.
  In many or most cases existing methods are vulnerable to known
  attack, and some employ cryptographic algorithms that have been
  deprecated. While much work has been done to update authentication
  of routing protocols, current status is not consistently up to date.
  It is important to review and update those mechanisms to use modern
  security practices. Ensuring algorithm agility within routing
  protocols is of particular importance.
  
  A goal of the working group is to add incremental security
  to existing mechanisms rather than replacing them. Better deployable
  solutions to which vendors and operators can migrate is more important
  than getting a perfect security solution.
  
  Although there are many candidate routing protocols to evaluate, KARP
  must by necessity begin with a restricted focus. The initial set of
  routing protocols in scope include BGP, OSPFv2, OSPFv3, PCE, PIM, LDP,
  RSVP-TE, ISIS, BFD, LMP, and MSDP.
  
  The working group must coordinate very closely with other working
  groups, such as:
  
  - Routing protocol working groups for any routing protocol being
  evaluated. This coordination will include cooperatively determining the
  current or already planned state of the security work in the protocol.
  It will also include ensuring that any proposed mechanisms are
  consistent with the architecture and use of the protocol. Also, any
  specific proposal accepted as a KARP document will be developed in
  cooperation with the concerned protocol working group.
  
  - Security area working groups for cryptographic advice, and/or key
  management protocol support. Cryptographic protocol support may be
  required in order to support certain KARP WG milestones. Coordination
  with an appropriate working group in the security area would be
  necessary in order to get the appropriate expertise in completing a
  milestone. This charter provides for preliminary work in this space,
  although it is expected that detailed work items will be added to the
  charter when the problem has been better analyzed. For example, this may
  include a key management protocol by which routing protcols
  automatically negotiate keying material and policy. More about the use
  of a key management protocol will be captured in a framework document
  described below.
  
  - OPSEC working group for advice on best practices to create and use
  integrity keys used with routing protocol message authentication. KARP
  will also coordinate with other Operations and Management area WGs
  and/or experts in order to identify operational impacts on existing
  routing protocols and to identify any management extensions that may
  be required.
  
  Routing protocols use a range of transport mechanisms and communication
  relationships. There are also differences in details among the various
  protocols. The working group will attempt to describe the security
  relevant characteristics of routings protocols, such as the use or
  non-use of TCP, or the frequent use of group communication versus purely
  pairwise communication. Using these characteristics, the working group
  will then provide suitable common frameworks that can be applied, and
  tailored, to improve the communication security of the routing
  protocols. In later phases, it is expected that the working group will
  investigate the suitably of defining conceptual structures and APIs, so
  as to enable further work to be more effective.
  
  Work Items:
  
  - Determine current threats to the routing protocol operation, and
  define general requirements for cryptographic authentication of routing
  protocols. A primary source for this document should be
  draft-lebovitz-karp-roadmap, although RFC 4393 may also be useful.
  
  - Identify deficiencies of each routing protocol in scope, and specify
  mechanisms that bring them in line with the general requirements. These
  are referred to as protocol gap analysis documents.
  
  - Define one or more frameworks describing the common elements for
  modern authentication in routing protocols.
  
  - Publish guidance on how to create a gap analysis for routing
  protocols.
  
  - Publish guidance on guidance to operators on how to create and use
  integrity keys used with routing protocol message authentication.
  
  - Specify automated key management needs for routing protocols.