Re: [i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3
"Susan Hares" <shares@ndzh.com> Thu, 27 August 2015 20:53 UTC
Return-Path: <shares@ndzh.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 096051A88C3 for <i2rs@ietfa.amsl.com>; Thu, 27 Aug 2015 13:53:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.055
X-Spam-Level:
X-Spam-Status: No, score=-99.055 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sxFlXQgSwZA1 for <i2rs@ietfa.amsl.com>; Thu, 27 Aug 2015 13:53:55 -0700 (PDT)
Received: from hickoryhill-consulting.com (hhc-web3.hickoryhill-consulting.com [64.9.205.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 889261A6FCF for <i2rs@ietf.org>; Thu, 27 Aug 2015 13:53:54 -0700 (PDT)
X-Default-Received-SPF: pass (skip=forwardok (res=PASS)) x-ip-name=174.124.171.7;
From: Susan Hares <shares@ndzh.com>
To: 'Jeffrey Haas' <jhaas@pfrc.org>, i2rs@ietf.org
References: <20150827203209.GB19039@pfrc.org>
In-Reply-To: <20150827203209.GB19039@pfrc.org>
Date: Thu, 27 Aug 2015 16:53:50 -0400
Message-ID: <01cc01d0e10a$7a0d29f0$6e277dd0$@ndzh.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQMiEqvQycR8/UINrY0rHW3Rm89T2Zt97l3w
Content-Language: en-us
X-Authenticated-User: skh@ndzh.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/qo87wT_CC84H_rrfsYdDTKxLmOs>
Subject: Re: [i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 20:53:56 -0000
Jeff: I agree it is a goal rather than an absolute. My first discussions with Daniel pointed this out. Do you think moving it back to REQ 3: The I2RS Agent validates data to try to insure that injecting the Information does not create a deadlock with any other system or a routing loop or prevent the control plane from converging. (This is a goal for the system, and it should keep track of when Injecting information does cause deadlocks, routing loops, or retards the routing convergence process.). Or is it better to suggest it as a recommendation? Any thoughts? Sue -----Original Message----- From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Jeffrey Haas Sent: Thursday, August 27, 2015 4:32 PM To: i2rs@ietf.org Subject: [i2rs] draft-mglt-i2rs-security-environment-reqs, REQ 3 I've been reviewing the environment requirements, thanks for picking up this work. Requirement 3 contains the following: REQ 3: The I2RS Agent validates data to ensure injecting the information will not create a deadlock with any other system, nor will it create a routing loop, nor will it cause the control plane to fail to converge. I2RS has already received feedback from our netconf experts expressing concern over how validation even at the schema levels may introduce excessive latency. This contradicts the I2RS "need for speed". I have a broader concern that the above requirement may simply be an intractable problem. It's a loft goal, but the overhead in validating all such things is likely not within the goal of speed. Thoughts? -- Jeff _______________________________________________ i2rs mailing list i2rs@ietf.org https://www.ietf.org/mailman/listinfo/i2rs
- [i2rs] draft-mglt-i2rs-security-environment-reqs,… Jeffrey Haas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Alia Atlas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Jeffrey Haas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Juergen Schoenwaelder
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Susan Hares
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Nadeau Thomas
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Daniel Migault
- Re: [i2rs] draft-mglt-i2rs-security-environment-r… Daniel Migault