
draft-ietf-ptomaine-nopeer-00.txt



author agrees to go for info as there is not wide documented deployment

author will revise sec cons per ops-dir discussion

revised version should be in i-d dir for thurs agenda.  if not, new
sec cons is as appended.

randy

---

Security Considerations
 
  "BGP is an instance of a relaying protocol, where route information
   is received, processed and forwarded. BGP contains no specific
   mechanisms to prevent the unauthorized modification of the
   information by a forwarding agent, allowing routing information to be
   modified, deleted or false information to be inserted without
   the knowledge of the originator of the routing information or
   any of the recipients.
 
   This proposed NOPEER community does not alter this overall situation
   concerning the integrity of BGP as a routing system.
 
   This proposal has the capability to introduce additional attack
   mechanisms into BGP by allowing the potential for denial of service
   attacks for an address prefix range being launched by a remote AS.
 
   Unauthorized addition of this community to a route prefix by a transit
   provider where there is no covering aggregate route prefix may cause a
   denial of service attack based on denial of reachability to the
   prefix. Even in the case that there is a covering aggregate, if the
   more specific route has a different origin AS than the aggregate, the
   addition of this community by a transit AS may cause a denial of
   service attack on the origin AS of the more specific prefix.
 
   BGP is already vulnerable to a denial of service attack based on the
   injection of false routing information. It is possible to use this
   community to limit the redistribution of a false route entry such that
   its visibility can be limited and detection and rectification of the
   problem can be more difficult under the circumstances of limited
   redistribution.
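The two conditions the paragraph above singles out (NOPEER attached where there is no covering aggregate, or where the more specific has a different origin AS than its aggregate) can be audited from a route table. The following is an added illustration, not code from the draft or from this list post; the Route type, the symbolic NOPEER token standing in for the community value, and the sample table are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass, field

# Symbolic stand-in for the NOPEER community (assumption: the numeric value is not given on this page).
NOPEER = "NOPEER"


@dataclass
class Route:
    prefix: str
    origin_as: int
    communities: set = field(default_factory=set)


def covering_aggregate(route, table):
    """Return the longest less-specific route in `table` that covers `route`, or None."""
    net = ipaddress.ip_network(route.prefix)
    best = None
    for cand in table:
        cnet = ipaddress.ip_network(cand.prefix)
        if cnet.version != net.version or cnet.prefixlen >= net.prefixlen:
            continue
        if net.subnet_of(cnet):
            if best is None or cnet.prefixlen > ipaddress.ip_network(best.prefix).prefixlen:
                best = cand
    return best


def nopeer_risk(route, table):
    """Classify a NOPEER-tagged route by the reachability risk described in the security considerations."""
    if NOPEER not in route.communities:
        return "none"
    agg = covering_aggregate(route, table)
    if agg is None:
        return "no-covering-aggregate"  # peers that honour NOPEER lose all reachability to the prefix
    if agg.origin_as != route.origin_as:
        return "origin-mismatch"        # traffic for the more specific falls to the aggregate's origin AS
    return "covered"                    # same origin AS holds the aggregate; reachability survives


def audit(table):
    """Map every NOPEER-tagged prefix in the table to its risk class."""
    return {r.prefix: nopeer_risk(r, table) for r in table if NOPEER in r.communities}


# Constructed sample table using documentation prefixes and private AS numbers.
SAMPLE_TABLE = [
    Route("192.0.2.0/24", 64500, {NOPEER}),        # no aggregate anywhere
    Route("198.51.100.0/22", 64501),               # aggregate, no NOPEER
    Route("198.51.100.0/24", 64501, {NOPEER}),     # more specific, same origin as aggregate
    Route("198.51.102.0/24", 64502, {NOPEER}),     # more specific, different origin AS
]
```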