BGPsec Protocol Specification
RFC 8205

Document Type RFC - Proposed Standard (September 2017; No errata)
Updated by RFC 8206
Last updated 2017-09-27
Replaces draft-lepinski-bgpsec-protocol
Stream IETF
Formats plain text pdf html bibtex
Reviews
Stream WG state Submitted to IESG for Publication
Document shepherd Matthias Wählisch
Shepherd write-up Show (last changed 2016-06-23)
IESG IESG state RFC 8205 (Proposed Standard)
Consensus Boilerplate Yes
Telechat date
Responsible AD Alvaro Retana
Send notices to "Matthias Waehlisch" <m.waehlisch@fu-berlin.de>, aretana@cisco.com
IANA IANA review state Version Changed - Review Needed
IANA action state RFC-Ed-Ack
Internet Engineering Task Force (IETF)                  M. Lepinski, Ed.
Request for Comments: 8205                                           NCF
Category: Standards Track                                 K. Sriram, Ed.
ISSN: 2070-1721                                                     NIST
                                                          September 2017

                     BGPsec Protocol Specification

Abstract

   This document describes BGPsec, an extension to the Border Gateway
   Protocol (BGP) that provides security for the path of Autonomous
   Systems (ASes) through which a BGP UPDATE message passes.  BGPsec is
   implemented via an optional non-transitive BGP path attribute that
   carries digital signatures produced by each AS that propagates the
   UPDATE message.  The digital signatures provide confidence that every
   AS on the path of ASes listed in the UPDATE message has explicitly
   authorized the advertisement of the route.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8205.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Lepinski & Sriram            Standards Track                    [Page 1]
RFC 8205                     BGPsec Protocol              September 2017

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
   2.  BGPsec Negotiation  . . . . . . . . . . . . . . . . . . . . .   3
     2.1.  The BGPsec Capability . . . . . . . . . . . . . . . . . .   4
     2.2.  Negotiating BGPsec Support  . . . . . . . . . . . . . . .   5
   3.  The BGPsec_PATH Attribute . . . . . . . . . . . . . . . . . .   6
     3.1.  Secure_Path . . . . . . . . . . . . . . . . . . . . . . .   8
     3.2.  Signature_Block . . . . . . . . . . . . . . . . . . . . .  10
   4.  BGPsec UPDATE Messages  . . . . . . . . . . . . . . . . . . .  11
     4.1.  General Guidance  . . . . . . . . . . . . . . . . . . . .  11
     4.2.  Constructing the BGPsec_PATH Attribute  . . . . . . . . .  14
     4.3.  Processing Instructions for Confederation Members . . . .  18
     4.4.  Reconstructing the AS_PATH Attribute  . . . . . . . . . .  19
   5.  Processing a Received BGPsec UPDATE Message . . . . . . . . .  21
     5.1.  Overview of BGPsec Validation . . . . . . . . . . . . . .  22
     5.2.  Validation Algorithm  . . . . . . . . . . . . . . . . . .  23
   6.  Algorithms and Extensibility  . . . . . . . . . . . . . . . .  27
     6.1.  Algorithm Suite Considerations  . . . . . . . . . . . . .  27
     6.2.  Considerations for the SKI Size . . . . . . . . . . . . .  28
     6.3.  Extensibility Considerations  . . . . . . . . . . . . . .  28
   7.  Operations and Management Considerations  . . . . . . . . . .  29
     7.1.  Capability Negotiation Failure  . . . . . . . . . . . . .  29
     7.2.  Preventing Misuse of pCount=0 . . . . . . . . . . . . . .  29
     7.3.  Early Termination of Signature Verification . . . . . . .  30
     7.4.  Non-deterministic Signature Algorithms  . . . . . . . . .  30
     7.5.  Private AS Numbers  . . . . . . . . . . . . . . . . . . .  30
     7.6.  Robustness Considerations for Accessing RPKI Data . . . .  32
     7.7.  Graceful Restart  . . . . . . . . . . . . . . . . . . . .  32
     7.8.  Robustness of Secret Random Number in ECDSA . . . . . . .  32
     7.9.  Incremental/Partial Deployment Considerations . . . . . .  33
   8.  Security Considerations . . . . . . . . . . . . . . . . . . .  33
     8.1.  Security Guarantees . . . . . . . . . . . . . . . . . . .  33
     8.2.  On the Removal of BGPsec Signatures . . . . . . . . . . .  34
     8.3.  Mitigation of Denial-of-Service Attacks . . . . . . . . .  36
Show full document text