adding bgpsec to bird

Ondrej Zajicek santiago at crfreenet.org
Tue Mar 20 22:58:02 CET 2012


On Tue, Mar 20, 2012 at 11:11:44AM -0700, Michael Baer wrote:
> 
> Hi All,
> 
> We've been working on an extension to BIRD supporting the BGPSec
> protocol that is currently being discussed in the IETF SIDR Working
> Group.  And I had some questions I wanted to ask the BIRD developers.
> If the user list isn't the appropriate forum, let me know and we can
> discuss it elsewhere or offline.

I guess user list is appropriate. Personally, i do not believe in
user/developer mailing list splits.

> We've made some initial progress, although it's not even to what I would
> call an Alpha stage yet.  Our current plan is to have a beta/alpha
> working by the beginning of Summer and to continue work on it for up to
> a year afterwords.
> 
> We would like to have the work contributed back to the BIRD project.
> Which brings me to the questions I had.  Is the BIRD team interested in
> the contribution?  Are we in conflict with any work you are doing to
> support BGPSec? (I haven't seen any mention on the user list, but I
> don't know if there has been any work otherwise).  Assuming you are
> interested, besides that our code should have a compatible license,
> i.e. GPL, and it should try match the coding style of the files that are
> modified, are there any other requirements or desires that you may have
> regarding code enhancements and contributions to the BIRD project?

We are interested in contributions, although it sometimes took a while
to get reviewed and merged, esp. if it is an invasive patch.

We don't have any current plans on BGPSec, AFAIK.

GPL; coding style similar to one used in nest, BGP or OSPF and reusing
existing elements and code patterns instead of reinventing wheel is
probably enough. It is a good idea to write some overview (how it will
be integrated in the current code) beforehand, esp. for invasive changes
to the current code or non-standard interactions with the rest of BIRD.

I don't know BGPSec, bug i see some possible problems - first, BGP code
(and most of BIRD route propagation), is synchronous, which is probably
not well suited for cryptographic validation. Second, how cryptographic
code would be connected - external tool for validation, external lib,
internal lib.

-- 
Elen sila lumenn' omentielvo

Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20120320/83990575/attachment-0001.asc>


More information about the Bird-users mailing list