Re: [i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3
"Susan Hares" <shares@ndzh.com> Thu, 27 August 2015 20:54 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9779E1A0099 for <i2rs@ietfa.amsl.com>; Thu, 27 Aug 2015 13:54:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.054
X-Spam-Level:
X-Spam-Status: No, score=-99.054 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VR_l5Rj1_3DJ for <i2rs@ietfa.amsl.com>; Thu, 27 Aug 2015 13:54:40 -0700 (PDT)
Received: from hickoryhill-consulting.com (hhc-web3.hickoryhill-consulting.com [64.9.205.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F3F21A9149 for <i2rs@ietf.org>; Thu, 27 Aug 2015 13:54:38 -0700 (PDT)
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=174.124.171.7;
From: Susan Hares <shares@ndzh.com>
To: 'Alia Atlas' <akatlas@gmail.com>, 'Jeffrey Haas' <jhaas@pfrc.org>
References: <20150827203209.GB19039@pfrc.org> <CAG4d1rco35EtNXuPCR77xqHCgcbPEOu6Atb3SMu5r33XGiZ25g@mail.gmail.com>
In-Reply-To: <CAG4d1rco35EtNXuPCR77xqHCgcbPEOu6Atb3SMu5r33XGiZ25g@mail.gmail.com>
Date: Thu, 27 Aug 2015 16:54:33 -0400
Message-ID: <01d101d0e10a$93d92af0$bb8b80d0$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_01D2_01D0E0E9.0CC91190"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQMiEqvQycR8/UINrY0rHW3Rm89T2QKXX5dfm2k0v/A=
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/0GEZKbQ8zjjBtNrLgzlVCCxM0OY>
Cc: i2rs@ietf.org
Subject: Re: [i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 20:54:41 -0000
Alia and Jeff: Should we just drop this requirement? Sue From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Alia Atlas Sent: Thursday, August 27, 2015 4:33 PM To: Jeffrey Haas Cc: i2rs@ietf.org Subject: Re: [i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3 <no-hats> Good catch - this seems to be very aspirational and contradicts what the architecture says - which is basically that the user may cause issues. Regards, Alia </no-hats> On Thu, Aug 27, 2015 at 4:32 PM, Jeffrey Haas <jhaas@pfrc.org> wrote: I've been reviewing the environment requirements, thanks for picking up this work. Requirement 3 contains the following: REQ 3: The I2RS Agent validates data to ensure injecting the information will not create a deadlock with any other system, nor will it create a routing loop, nor will it cause the control plane to fail to converge. I2RS has already received feedback from our netconf experts expressing concern over how validation even at the schema levels may introduce excessive latency. This contradicts the I2RS "need for speed". I have a broader concern that the above requirement may simply be an intractable problem. It's a loft goal, but the overhead in validating all such things is likely not within the goal of speed. Thoughts? -- Jeff _______________________________________________ i2rs mailing list i2rs@ietf.org https://www.ietf.org/mailman/listinfo/i2rs
- [i2rs] draft-mglt-i2rs-security-environment-reqs,… Jeffrey Haas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Alia Atlas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Jeffrey Haas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Juergen Schoenwaelder
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Nadeau Thomas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Daniel Migault
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Daniel Migault