Re: [Idr] Kathleen Moriarty's Yes on draft-ietf-idr-error-handling-18: (with COMMENT)

"John G. Scudder" <> Mon, 20 April 2015 17:54 UTC

To: Kathleen Moriarty <>
Cc:,,, The IESG <>,

Hi Kathleen,

On Mar 9, 2015, at 8:07 PM, Kathleen Moriarty <> wrote:

> My only comment would be to see if you could break the first paragraph of
> the security considerations into a few sentences.  Maybe getting rid of
> the parens to help break out the additional sentences would help.

Good point, thanks. Parentheses are the bane of my existence. How about this?

   This specification addresses the vulnerability of a BGP speaker to a
   potential attack whereby a distant attacker can generate a malformed
   optional transitive attribute that is not recognized by intervening
   routers. Since the intervening routers do not recognize the
   attribute, they propagate it without checking it. When the malformed
   attribute arrives at a router that does recognize the given attribute
   type, that router resets the session over which it arrived. Since
   significant fan-out can occur between the attacker and the routers
   that do recognize the attribute type, this attack could potentially
   be particularly harmful.

– John
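
The propagation described in the proposed text, modelled as an added example that is not part of the original message or of the draft. Routers follow the pre-fix behaviour the paragraph describes; the topology, the router names and attribute type 200 with its 4-octet value are constructed assumptions.

```python
import struct
from collections import deque

OPTIONAL, TRANSITIVE, PARTIAL, EXT_LEN = 0x80, 0x40, 0x20, 0x10  # attribute flag bits (RFC 4271)

def parse_attr(buf):
    """Split one path attribute into (flags, type_code, value)."""
    flags, type_code = buf[0], buf[1]
    if flags & EXT_LEN:                      # two-octet length field
        length, off = struct.unpack("!H", buf[2:4])[0], 4
    else:                                    # one-octet length field
        length, off = buf[2], 3
    value = buf[off:off + length]
    if len(value) != length:
        raise ValueError("attribute truncated")
    return flags, type_code, value

def handle(buf, known_lengths):
    """Pre-fix behaviour of one router; known_lengths maps recognized type -> value length."""
    flags, type_code, value = parse_attr(buf)
    if type_code not in known_lengths:
        if not flags & OPTIONAL:
            return "reset-session", None     # unrecognized well-known attribute
        if flags & TRANSITIVE:
            # Not recognized: passed on unchecked, with the Partial bit set.
            return "propagate", bytes([flags | PARTIAL]) + buf[1:]
        return "ignore", None                # optional non-transitive: quietly ignored
    if len(value) != known_lengths[type_code]:
        return "reset-session", None         # recognized and malformed
    return "accept", buf

def flood(attr, origin, peers, known):
    """Walk the attribute outward from origin; return the (sender, receiver) sessions reset."""
    resets, seen, queue = [], {origin}, deque([(origin, attr)])
    while queue:
        sender, buf = queue.popleft()
        for rtr in peers.get(sender, []):
            if rtr in seen:
                continue
            seen.add(rtr)
            action, out = handle(buf, known.get(rtr, {}))
            if action == "reset-session":
                resets.append((sender, rtr))
            elif out is not None:
                queue.append((rtr, out))
    return resets

# Constructed topology and attribute: type 200 with a 4-octet value is hypothetical.
PEERS = {"origin": ["t1"], "t1": ["t2a", "t2b"], "t2a": ["e1", "e2"], "t2b": ["e3"]}
KNOWN = {r: {200: 4} for r in ("e1", "e2", "e3")}   # only the edge routers recognize type 200
MALFORMED = bytes([OPTIONAL | TRANSITIVE, 200, 3, 0, 0, 0])    # 3-octet value, 4 expected
WELL_FORMED = bytes([OPTIONAL | TRANSITIVE, 200, 4, 0, 0, 0, 0])
```

Calling `flood(MALFORMED, "origin", PEERS, KNOWN)` returns the sessions that are reset, all of them several hops away from the router that introduced the attribute.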