[i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3
Jeffrey Haas <jhaas@pfrc.org> Thu, 27 August 2015 20:29 UTC
Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3666B1B323D for <i2rs@ietfa.amsl.com>; Thu, 27 Aug 2015 13:29:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.178
X-Spam-Level:
X-Spam-Status: No, score=-0.178 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, IP_NOT_FRIENDLY=0.334, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 42JyE6XJCx5S for <i2rs@ietfa.amsl.com>; Thu, 27 Aug 2015 13:29:13 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id 9A94F1B31EB for <i2rs@ietf.org>; Thu, 27 Aug 2015 13:29:13 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id ACF611E48F; Thu, 27 Aug 2015 16:32:09 -0400 (EDT)
Date: Thu, 27 Aug 2015 16:32:09 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: i2rs@ietf.org
Message-ID: <20150827203209.GB19039@pfrc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/UovmEe411Io2WQVIvqt1Q7dfBss>
Subject: [i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 20:29:14 -0000
I've been reviewing the environment requirements, thanks for picking up this
work. Requirement 3 contains the following:
REQ 3: The I2RS Agent validates data to ensure injecting the
information will not create a deadlock with any other system,
nor will it create a routing loop, nor will it cause the
control plane to fail to converge.
I2RS has already received feedback from our netconf experts expressing
concern over how validation even at the schema levels may introduce
excessive latency. This contradicts the I2RS "need for speed".
I have a broader concern that the above requirement may simply be an
intractable problem. It's a loft goal, but the overhead in validating all
such things is likely not within the goal of speed.
Thoughts?
-- Jeff
- [i2rs] draft-mglt-i2rs-security-environment-reqs,… Jeffrey Haas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Alia Atlas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Jeffrey Haas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Juergen Schoenwaelder
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Nadeau Thomas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Daniel Migault
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Daniel Migault