{"draft":"draft-ietf-sidr-bgpsec-threats-09","doc_id":"RFC7132","title":"Threat Model for BGP Path Security","authors":["S. Kent","A. Chi"],"format":["ASCII","HTML"],"page_count":"20","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Secure Inter-Domain Routing","abstract":"This document describes a threat model for the context in which\r\nExternal Border Gateway Protocol (EBGP) path security mechanisms will\r\nbe developed.  The threat model includes an analysis of the Resource\r\nPublic Key Infrastructure (RPKI) and focuses on the ability of an\r\nAutonomous System (AS) to verify the authenticity of the AS path info\r\nreceived in a BGP update.  We use the term \"PATHSEC\" to refer to any\r\nBGP path security technology that makes use of the RPKI.  PATHSEC\r\nwill secure BGP, consistent with the inter-AS security focus of the\r\nRPKI.\r\n\r\nThe document characterizes classes of potential adversaries that are\r\nconsidered to be threats and examines classes of attacks that might\r\nbe launched against PATHSEC.  It does not revisit attacks against\r\nunprotected BGP, as that topic has already been addressed in the\r\nBGP-4 standard.  It concludes with a brief discussion of residual\r\nvulnerabilities.","pub_date":"February 2014","keywords":["BGPSEC","RPKI","SIDR"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7132","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc7132"}