Re: [Idr] Last Call: <draft-ietf-idr-shutdown-08.txt> (BGP Administrative Shutdown Communication) to Proposed Standard

Robert Raszuk <robert@raszuk.net> Mon, 08 May 2017 20:28 UTC

To: Job Snijders <job@ntt.net>
Cc: Enke Chen <enkechen@cisco.com>, "Jakob Heitz (jheitz)" <jheitz@cisco.com>, "idr-chairs@ietf.org" <idr-chairs@ietf.org>, "draft-ietf-idr-shutdown@ietf.org" <draft-ietf-idr-shutdown@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "idr@ietf.org" <idr@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/GNn6ZGQ8C36hY64hSExPrsqzSCM>

Hi Job,

Assuming that by "visual spoofing" you really mean this:
http://websec.github.io/unicode-security-guide/visual-spoofing/ how does
limiting the length of the field help to minimize it?

It is UTF which is a problem here regardless of the length.

Ok so we leave 129-255 for further use ... brilliant. Assume someone comes
tomorrow and has a great use case for sending one byte of information in
the cease. So he defines length 129, right? And even if the operator did not
type anything for the "shutdown case" ... the first 128 bytes go empty, then
goes one newly defined octet. Is this really how protocol encoding should
be done in 2017? Is the concept of TLV so complex?

Cheers,
R.


On Mon, May 8, 2017 at 9:46 PM, Job Snijders <job@ntt.net> wrote:

>
> On Mon, 8 May 2017 at 21:36, Enke Chen <enkechen@cisco.com> wrote:
>
>> I understand this is not a good use of time.  But since it is in the
>> spec, I would like to understand the reasons.  If there are good reasons
>> for doing things differently, then they should be documented in the spec
>> so that people do not question again.
>
>
>
> In the security section: "This specification minimizes the effects of
> visual spoofing by limiting the length of the Shutdown Communication."
>
> On 5/8/17 12:13 PM, Jakob Heitz (jheitz) wrote:
>> > It is deliberately kept short to minimize the potential for abuse.
>>
>> 128 is ok, and 129-255 would be considered abuse?
>
>
> Those are an error according to the draft.
>
> Kind regards,
>
> Job
>
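
Added example, not part of the original thread or the draft's text: a receiver-side check showing that the 128-octet limit and look-alike characters are separate concerns. It assumes the data field is one length octet followed by a UTF-8 message; the function names, the exact-size check, the script heuristic (first word of the Unicode character name) and the sample string are constructed for illustration.

```python
import unicodedata

MAX_LEN = 128  # per the thread: length values 129-255 are an error in the draft

# Constructed sample: Cyrillic U+0430 stands in for Latin "a"; far below 128 octets.
SAMPLE = "m\u0430intenance window, call NOC"

def encode_shutdown_data(msg):
    """Build the assumed data field: length octet + UTF-8 message."""
    raw = msg.encode("utf-8")
    if len(raw) > MAX_LEN:
        raise ValueError("message longer than %d octets" % MAX_LEN)
    return bytes([len(raw)]) + raw

def parse_shutdown_data(data):
    """Return the decoded message; raise ValueError on malformed input."""
    if not data:
        raise ValueError("missing length octet")
    length = data[0]
    if length > MAX_LEN:
        raise ValueError("invalid length %d" % length)
    if len(data) - 1 != length:  # this sketch also rejects truncated/trailing data
        raise ValueError("length octet does not match message size")
    return data[1:].decode("utf-8")  # strict; UnicodeDecodeError is a ValueError

def spoofing_flags(msg):
    """Heuristic flags for text that may not read the way it is encoded."""
    flags, scripts = set(), set()
    for ch in msg:
        cat = unicodedata.category(ch)
        if cat in ("Cc", "Cf"):  # control, bidi override, zero-width, ...
            flags.add("control-or-format")
        elif cat.startswith("L"):
            scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    if len(scripts) > 1:
        flags.add("mixed-script")
    return sorted(flags)

def log_safe(msg):
    """Escape everything outside printable ASCII so substitutions are visible."""
    return "".join(c if " " <= c <= "~" else "<U+%04X>" % ord(c) for c in msg)

if __name__ == "__main__":
    text = parse_shutdown_data(encode_shutdown_data(SAMPLE))
    print(spoofing_flags(text), log_safe(text))
```

The sample passes the length check unchanged, which is the point raised in the message: the confusable character is only caught by the separate character-level check.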