Re: [Gen-art] Gen-ART Last Call review of draft-ietf-idr-bgp-extended-messages-33
Paul Kyzivat <pkyzivat@alum.mit.edu> Thu, 04 July 2019 20:35 UTC
Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57DEA120232; Thu, 4 Jul 2019 13:35:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9HOhEQackF0u; Thu, 4 Jul 2019 13:35:29 -0700 (PDT)
Received: from outgoing-alum.mit.edu (outgoing-alum.mit.edu [18.7.68.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B10E91200D5; Thu, 4 Jul 2019 13:35:29 -0700 (PDT)
Received: from PaulKyzivatsMBP.localdomain (c-24-62-227-142.hsd1.ma.comcast.net [24.62.227.142]) (authenticated bits=0) (User authenticated as pkyzivat@ALUM.MIT.EDU) by outgoing-alum.mit.edu (8.14.7/8.12.4) with ESMTP id x64KZQpp023519 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Thu, 4 Jul 2019 16:35:27 -0400
To: Randy Bush <randy@psg.com>
Cc: draft-ietf-idr-bgp-extended-messages.all@ietf.org, General Area Review Team <gen-art@ietf.org>
References: <e96e60ca-8b54-9209-9789-189447cc1f70@alum.mit.edu> <m24l41y7q9.wl-randy@psg.com>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <aceceeb3-ba85-0f32-0242-978700063954@alum.mit.edu>
Date: Thu, 04 Jul 2019 16:35:26 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:60.0) Gecko/20100101 Thunderbird/60.7.2
MIME-Version: 1.0
In-Reply-To: <m24l41y7q9.wl-randy@psg.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/PMrMnF9szssCDlBWmNwJERCHAfM>
Subject: Re: [Gen-art] Gen-ART Last Call review of draft-ietf-idr-bgp-extended-messages-33
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jul 2019 20:35:32 -0000
Randy, On 7/4/19 2:28 PM, Randy Bush wrote: > paul, > > thanks for the review. appreciated. > >> The Abstract and Introduction are written in the abstract, implying >> (to me) that the requirements here are intended to be broadly >> applicable for the stated purposes, over an extended period of >> time. On the other hand, I get the impression that requirements in >> this document are actually more focused, intended for use in a >> one-time selection of an Internet video codec to be a successor to >> HEVC and VP9. >> >> If this document is intended only for one-time use then it isn't >> evident to me why it ever needs to become an RFC. > > it is intended to change bgp forever. Oops!!! I'm sorry. This was a cut/paste error from another review. Please ignore the entire Summary section. I will resend this review. >> 1) NIT: >> >> Section 4 says: >> >> If a BGP message with a Length greater than 4,096 octets is received >> by a BGP listener who has not advertised the Extended Message >> Capability, the listener MUST treat this as a malformed message, and >> MUST generate a NOTIFICATION with the Error Subcode set to Bad >> Message Length (see [RFC4271] Sec 6.1). >> >> The "MUST" seems inappropriate because this is not new normative >> behavior. Rather it is the existing behavior, at it states. This is >> already covered by the 2nd paragraph of Section 5, so why does it need >> to be covered here as well? > > the authors have received instruction both ways on this one. so is it > ok if we let the routing ad, alvaro, call it. i have no dog in this > fight. Fair enough. >> 2) NIT: >> >> Reading the last two security considerations in section 8 leaves me >> concerned. I was expecting to see some further discussion of how these >> issues can be mitigated, or why it is OK that they are not. > > i am not sure if there are mitigations. > > i believe that the hope is that actual message lengths are well below 4k > today, and this will deploy before they really grow. e.g. we do not > expect bgpsec in more then five years, more likely ten. I didn't have a good idea what to expect in the way of mitigations, but the consequences seemed relatively dire. Perhaps you could put in some of this explanation and stress the need for support to be deployed widely before it is needed. Thanks, Paul
- [Gen-art] Gen-ART Last Call review of draft-ietf-… Paul Kyzivat
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Randy Bush
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Paul Kyzivat
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Randy Bush
- Re: [Gen-art] Gen-ART Last Call review of draft-i… Alissa Cooper