BGP Prefix Origin Validation
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: RFC Editor <firstname.lastname@example.org>, sidr mailing list <email@example.com>, sidr chair <firstname.lastname@example.org> Subject: Protocol Action: 'BGP Prefix Origin Validation' to Proposed Standard (draft-ietf-sidr-pfx-validate-10.txt) The IESG has approved the following document: - 'BGP Prefix Origin Validation' (draft-ietf-sidr-pfx-validate-10.txt) as Proposed Standard This document is the product of the Secure Inter-Domain Routing Working Group. The IESG contact persons are Stewart Bryant and Adrian Farrel. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-sidr-pfx-validate/
Technical Summary To help reduce well-known threats against BGP including prefix mis- announcing and monkey-in-the-middle attacks, one of the security requirements is the ability to validate the origination AS of BGP routes. More specifically, one needs to validate that the AS number claiming to originate an address prefix (as derived from the AS_PATH attribute of the BGP route) is in fact authorized by the prefix holder to do so. This document describes a simple validation mechanism to partially satisfy this requirement. Working Group Summary There were several revisions (8) of this document, there was a fairly lengthy discussion in several in-person meetings as well as on-list. In the end, all of the issues seem to have been dealt with. Document Quality To date, there are 2 implementations in vendor code, one of which brought about the single IPR claim against this document. Personnel Chris Morrow is the Document Shepherd for this document. Stewart Bryant is the Responsible Area Director.