Google Research

RFC 8205 - BGPsec Protocol Specification

  • Rob Austein
  • Steven Bellovin
  • Russ Housley
  • Stephen Kent
  • Warren Kumari
  • Doug Montgomery
  • Chris Morrow
  • Sandy Murphy
  • Keyur Patel
  • John Scudder
  • Samuel Weiler
  • Matthew Lepinski
  • Kotikalapudi Sriram
IETF RFCs, RFC Editor (2017), pp. 45


This document describes BGPsec, an extension to the Border Gateway Protocol (BGP) that provides security for the path of Autonomous Systems (ASes) through which a BGP UPDATE message passes. BGPsec is implemented via an optional non-transitive BGP path attribute that carries digital signatures produced by each AS that propagates the UPDATE message. The digital signatures provide confidence that every AS on the path of ASes listed in the UPDATE message has explicitly authorized the advertisement of the route.

Learn more about how we do research

We maintain a portfolio of research projects, providing individuals and teams the freedom to emphasize specific types of work