From: Blaine Christian (no email)
Date: Thu Mar 03 2005 - 13:51:38 EST
> I am probably telling you what you already know, but for the ones who
> don't know it yet:
>
> Secure BGP (S-BGP):
> http://www.ir.bbn.com/projects/s-bgp/
> http://www.nanog.org/mtg-0306/pdf/bellovinsbgp.pdf
> http://www.nwfusion.com/details/6484.html?def
>
> and of course the sister by amongst others Cisco:
>
> Secure Origin BGP (SO-BGP):
> http://bgp.potaroo.net/ietf/idref/ draft-ng-sobgp-bgp-extensions/
> http://www.nwfusion.com/details/6485.html
> http://www.nanog.org/mtg-0306/pdf/alvaro.pdf
>
> etc... most people know how to google I guess ;)
>
> Aka BGP with certificates and other nice tricks.
>
And, of course, the RPSEC working group draft that is supposed to target the
BGP requirements for those proposed systems is...
http://www.ietf.org/internet-drafts/draft-ietf-rpsec-bgpsecrec-01.txt
The folks who worked on S-BGP and SO-BGP participated in it's creation (as
well as several operators). Please note that there are more than just two
proposed mechanisms for securing BGP. The two mentioned above are just the
most popular <grin>.
|
|
|