Technical Summary
This document describes BGPsec, an extension to the Border Gateway
Protocol (BGP) that provides security for the path of autonomous
systems through which a BGP update message passes. BGPsec is
implemented via an optional non-transitive BGP path attribute that
carries a digital signature produced by each autonomous system that
propagates the update message.
Working Group Summary
This document has been discussed in the working group since 2011. The WG
has been asked periodically to confirm continued interest, and has each
time indicated that the work is valuable and should continue. The idr WG
has also provided feedback and input.
Document Quality
The work mentioned here is applicable to all inter-domain BGP operators.
BGPsec has been implemented in BIRD and Quagga, two popular open source
BGP daemons. The BIRD community explicitly agreed to integrate this
extension in the main branch.
Personnel
Shepherd: Matthias Waehlisch
Responsible AD: Alvaro Retana
RFC Editor Note
This document is the base of a series being considered by the IESG; most are titled draft-ietf-sidr-bgpsec-*. This document should be published with the lowest RFC number, and be followed with consecutive RFC numbers by draft-ietf-sidr-as-migration and draft-ietf-sidr-bgpsec-ops. All other related documents don't require consecutive numbers.