Implement BGP malicious route checks before publishing descriptor in consensus

Alternatively, treat as normal and simply flag the BGP route as malicious or not for the listed endpoints in a consensus.

This is in response to observed, repeated, malicious route jacking attacks for specific address ranges through monkey-in-the-middle attackers.

"Malicious route jacking" is explicitly mentioned here as distinct from anomalous route changes or advertisement behavior, nor does it encompass benign incompetence affecting widespread route behavior of an indiscriminate nature.

See also: http://www.renesys.com/2013/11/mitm-internet-hijacking/ http://www.renesys.com/2010/11/chinas-18-minute-mystery/

Trac:
Username: anon