For many years the fundamental elements of the Internet: names and addresses, were the source of basic structural vulner-abilities in the network. With the increasing momentum behind the deployment of Domain Name System Security Extensions (DNSSEC) [0], there is some cause for optimism that we have the elements of securing the name space now in hand, but what about addresses and routing? In this article we will look at current efforts within the Internet Engineering Task Force (IETF) to secure the use of addresses within the routing infrastructure of the Internet, and the status of current work of the Secure Inter-Domain Routing (SIDR) Working Group.

We will look at the approach the SIDR Working Group has taken, and examine the architecture and mechanisms that it has adopted as part of this study. This work was undertaken in three stages: the first concentrated on the mechanisms to support attestations relating to addresses and their use; the second looked at how to secure origination of routing announcements; and the third looked at how to secure the transitive part of Border Gateway Protocol (BGP) route propagation.