For some time now, RPSEC has been trying to develop requirements for routing security. That work is somewhat stalled and SIDR appears to be an attempt to acknowledge that and move forward with developing IDR security technology in the absence of a complete requirements analysis. There were presentations by Russ White (soBGP), Steve Kent (sBGP) and Marcus Leech (psBGP) on their respective proposals. There wasn't too much discussion of the relative merits of each proposal. There seemed to be general enthusiasm for forming some WG, but there was contention about what should be on the charter. The two big possible work items are (1) setting up the infrastucture for authorizing who is currently responsible for a given AS and (2) protocols for actually carrying authenticated routing path information. A number of the routing types (Sue Hares in particular) want to focus on (1) and put off (2) in deference to RPSEC completing. The counterpoint concern is that RPSEC is making very slow progress and that gating progress on that work is problematic. I don't have a good recommendation here... It does seem like RPSEC is kind of bogged down, but I'm also not sure we can do a good job on this project without some kind of clear idea of what we're trying to accomplish, especially in view of the confusing state of RIR record keeping.
