Status of this Memo BGP Session Security Requirements

The document "BGP security requirements" (draft-ietf-rpsec-bgpsecrec) specifies general security requirements for BGP. However, specific security requirements for single BGP sessions, i.e., the connection between two BGP peers, are only touched on briefly in the section "transport layer protection". This document expands on this particular aspect of BGP security, defining the security requirements between two BGP peers.

[1]  Yakov Rekhter,et al.  Address Allocation for Private Internets , 1994, RFC.

[2]  Scott O. Bradner,et al.  Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.

[3]  Andy Heffernan,et al.  Protection of BGP Sessions via the TCP MD5 Signature Option , 1998, RFC.

[4]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[5]  Sean Convery,et al.  An Attack Tree for the Border Gateway Protocol , 2003 .

[6]  Marcus D. Leech Key Management Considerations for the TCP MD5 Signature Option , 2003, RFC.

[7]  David Meyer,et al.  The Generalized TTL Security Mechanism (GTSM) , 2004, RFC.

[8]  Danny McPherson Generic Security Requirements for Routing Protocols , 2005 .

[9]  Tatu Ylönen,et al.  The Secure Shell (SSH) Protocol Architecture , 2006, RFC.

[10]  Steven M. Bellovin,et al.  Standards Maturity Variance Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification , 2006, RFC.

[11]  Pekka Nikander,et al.  Host Identity Protocol (HIP) Architecture , 2006, RFC.

[12]  Yi Yang,et al.  Generic Threats to Routing Protocols , 2006, RFC.

[13]  Michael Behringer BGP Session Security Requirements , 2007 .

[14]  Brian Weis,et al.  Automated key selection extension for the TCP Enhanced Authentication Option , 2007 .

[15]  Steven M. Bellovin Key Change Strategies for TCP-MD5 , 2007 .

[16]  Darrel Lewis Service Provider Infrastructure Security , 2007 .

[17]  Steven Bellovin,et al.  Problem Statement and Requirements for a TCP Authentication Option , 2007 .

[18]  Tony Tauber,et al.  BGP Security Requirements , 2008 .