Jump to Content

RFC 8205 - BGPsec Protocol Specification

Rob Austein
Steven Bellovin
Russ Housley
Stephen Kent
Warren Kumari
Doug Montgomery
Chris Morrow
Sandy Murphy
Keyur Patel
John Scudder
Samuel Weiler
Matthew Lepinski
Kotikalapudi Sriram
IETF RFCs, RFC Editor (2017), pp. 45


This document describes BGPsec, an extension to the Border Gateway Protocol (BGP) that provides security for the path of Autonomous Systems (ASes) through which a BGP UPDATE message passes. BGPsec is implemented via an optional non-transitive BGP path attribute that carries digital signatures produced by each AS that propagates the UPDATE message. The digital signatures provide confidence that every AS on the path of ASes listed in the UPDATE message has explicitly authorized the advertisement of the route.