BOF Report: SIDR

|
For some time now, RPSEC has been trying to develop requirements
for routing security. That work is somewhat stalled and SIDR
appears to be an attempt to acknowledge that and move forward
with developing IDR security technology in the absence of a complete
requirements analysis.

There were presentations by Russ White (soBGP), Steve Kent
(sBGP) and Marcus Leech (psBGP) on their respective proposals. 
There wasn't too much discussion of the relative merits of each
proposal. 

There seemed to be general enthusiasm for forming some WG, but there was
contention about what should be on the charter. The two big possible
work items are (1) setting up the infrastucture for authorizing who is
currently responsible for a given AS and (2) protocols for actually
carrying authenticated routing path information. A number of the routing
types (Sue Hares in particular) want to focus on (1) and put off (2)
in deference to RPSEC completing. The counterpoint concern is that
RPSEC is making very slow progress and that gating progress on that
work is problematic.

I don't have a good recommendation here... It does seem like
RPSEC is kind of bogged down, but I'm also not sure we can do a
good job on this project without some kind of clear idea of what
we're trying to accomplish, especially in view of the confusing
state of RIR record keeping.