Background: Why are we working on this problem. Limited domains exist but not well de Examples: Provide a bunch of examples of limited domains. Both successful and unsuccessful Security requirements for limited domains:
- Identify boundaries of domain: with examples
- Fail closed principle: Explicit config required for protocol to cross boundaries Data plane vs Control plane: (e.g. RFC8212 for BGP) Encapsulation as a concept:
- Using encapping as a mechanism for collaborating across multiple limited domains (Yes/No)
- Talk about security issues (RFC6169)
Attack scenarios: Attacks from outside the domain Attacks inside the domain Inadverdent effects of leaks on the Internet