2024-09-04
White House: Internet Routing Security Enhancement Roadmap
The White House Office of the National Cyber Director has published a roadmap to enhancing Internet routing security. The document “aims to address a key security vulnerability associated with the Border Gateway Protocol (BGP),” and advocates for the adoption of Resource Public Key Infrastructure (RPKI). The roadmap offers recommended actions for network operators, network service providers, Federal Government and Communications and Information Technology Sector Stakeholder Collaboration, and policy actions specific to the federal government.
Editor's Note
Combatting all forms of hijacking and forgery requires strong authentication and integrity services, which in turn need reliable and ubiquitous cryptographic key infrastructure services – BGP and RPKI is just one example. The US government needs to use its market power to require all suppliers and recipients of government funding to move to strongly protected services – much the way years ago the US federal government required strong crypto to be used in browsers and that drove the overall adoption and improvement of SSL.
John Pescatore
Improvements in routing security have been ongoing. Many larger IPSs have implemented RPKI over the last few years. Let’s hope this initiative will help us cross the finish line to a more secure routing infrastructure.
Johannes Ullrich
This directive is intended to require network providers to implement ROA, RPKI and ROV, which are the current best practices for BGP security, including disclosure of the status of those implementations, ultimately resulting in restrictions or requirements in purchase agreements or contracts. This follows the June requirement from the FCC for the nine largest US broadband providers to file confidential reports on their plans to bolster BGP security. At this point about 70% BGP route originations on the global Internet are ROA-valid.
Lee Neely
It is high time this issue was addressed. We need a robust, resilient, and trustworthy infrastructure. That said, a quarter of a century of history and experience suggests that it represents a tolerable risk.
William Hugh Murray
Setting up the infrastructure for RPKI comes at additional cost and complexity; and that, perhaps, is the reason it hasn’t been implemented in North America. Absent a mandate by the USG, it’s just another nice document to put on the shelf.
Curtis Dukes
Read more in
White House: Fact Sheet: Biden-Harris Administration Releases Roadmap to Enhance Internet Routing Security
White House: Roadmap to Enhancing Internet Routing Security (PDF)
Nextgov: White House plan looks to secure a foundational piece of the global internet
The Register: White House thinks it's time to fix the insecure glue of the internet: Yup, BGP
The Record: White House calls attention to 'hard problem' of securing internet traffic routing
Security Week: White House Addresses BGP Vulnerabilities in New Internet Routing Security Roadmap