Re: [Idr] WG adoption call for draft-abraitis-bgp-version-capability-08, to end September 25

Jeffrey Haas <jhaas@pfrc.org> Tue, 10 January 2023 23:11 UTC

Cc: Donatas Abraitis <donatas.abraitis@hostinger.com>, Alvaro Retana <aretana.ietf@gmail.com>, "Jakob Heitz (jheitz)" <jheitz@cisco.com>, Bruno Decraene <bruno.decraene@orange.com>, IDR List <idr@ietf.org>, John Scudder <jgs@juniper.net>
To: Robert Raszuk <robert@raszuk.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/4znAjWagjyl4LkYY8emdDVw9YHc>

Robert,

Please note that the points I'm about to make are intended to more broadly discuss the URL issue and aren't saying you're making these recommendations.

> On Jan 10, 2023, at 5:47 PM, Robert Raszuk <robert@raszuk.net> wrote:
> 
> I would like to just highlight one IMHO very cool property hidden in yr note ... If we would use URL to carry a pointer to the information the URL can be shortened to be a fixed length of a few characters which could be really easy to process and presented to users in a pretty uniform way across any receiver.

Before we move forward with any specific shortened-URL proposal, it's likely we'll want to get comment from those with expertise in the security implications of shortened URLs.

Certainly, many vendors maintain a domain name for shorter URLs for various contexts.  That's likely not the main concern.

URL shortening services are probably a Very Bad Idea since they're in an entire vector of attacks on their own.

(We also introduce all of the interesting headaches about interaction with the PKIX certificate infrastructure.  See my prior comments in the BGP autoconfiguration discussions if you're interested.)

One possible mitigation for some of the attacks given the problem to be addressed is to permit an IANA registered prefix for the URI/URL.  This means rather than carrying a potentially long URL to a specific resource, you carry something like the Private Enterprise Number's[1] instance of your registered prefix and a suffix portion of the URL.  The rest of the data is contained in the structured data at the other side of the expanded URL.

I'd encourage Donatas to continue the discussion on such structured data before we worry over-much about how to point to it in BGP. :-)

-- Jeff

[1] https://www.iana.org/assignments/enterprise-numbers/
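
The registered-prefix mitigation described in the message above, sketched as an added example (not part of the original post or of the draft): the receiver holds a table of registered prefixes keyed by Private Enterprise Number and accepts only a suffix that cannot change the origin. The PEN values, hosts, length cap and suffix allow-list are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed stand-in for an IANA-style registry: PEN -> registered URL prefix.
# The PEN values and hosts are placeholders, not real assignments.
REGISTERED_PREFIXES = {
    65000: "https://bgp-info.example.com/v/",
    65001: "https://support.example.net/bgp/",
}

MAX_SUFFIX_LEN = 32  # assumed cap; the post does not specify one
# Path segments only; each segment must start with an alphanumeric character.
SUFFIX_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*(/[A-Za-z0-9][A-Za-z0-9._-]*)*")


class ExpansionError(ValueError):
    """Raised when a (PEN, suffix) pair must not be turned into a URL."""


def expand(pen: int, suffix: str) -> str:
    """Expand a received (PEN, suffix) pair into a URL under the registered prefix."""
    prefix = REGISTERED_PREFIXES.get(pen)
    if prefix is None:
        raise ExpansionError(f"PEN {pen} has no registered prefix")
    if not 0 < len(suffix) <= MAX_SUFFIX_LEN:
        raise ExpansionError("suffix length out of range")
    # Allow-list: no scheme, '@', '//', '?', '#', '%' or backslash can get through.
    if not SUFFIX_RE.fullmatch(suffix) or ".." in suffix:
        raise ExpansionError("suffix contains characters outside the allow-list")
    url = prefix + suffix
    # Defence in depth: re-parse and confirm origin and path root are unchanged.
    want, got = urlsplit(prefix), urlsplit(url)
    if (got.scheme, got.netloc) != (want.scheme, want.netloc):
        raise ExpansionError("expanded URL left the registered origin")
    if not got.path.startswith(want.path) or got.query or got.fragment:
        raise ExpansionError("expanded URL left the registered path")
    return url


def try_expand(pen: int, suffix: str):
    """Return the expanded URL, or None when the pair is rejected."""
    try:
        return expand(pen, suffix)
    except ExpansionError:
        return None
```

Because the host comes from the registry rather than from the BGP speaker, a peer can only select a resource within its own registered namespace; the fetched structured data still needs its own validation.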