[Idr] AD Review of draft-ietf-idr-bgp-ls-registry-01
Alvaro Retana <aretana.ietf@gmail.com> Mon, 16 November 2020 15:53 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 513813A116F; Mon, 16 Nov 2020 07:53:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tG5KsWLw74Om; Mon, 16 Nov 2020 07:53:20 -0800 (PST)
Received: from mail-ej1-x62b.google.com (mail-ej1-x62b.google.com [IPv6:2a00:1450:4864:20::62b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4618E3A11FD; Mon, 16 Nov 2020 07:53:20 -0800 (PST)
Received: by mail-ej1-x62b.google.com with SMTP id w13so25082262eju.13; Mon, 16 Nov 2020 07:53:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:date:message-id:subject:to:cc :content-transfer-encoding; bh=/t9JVIyjIJ1oXv+5AZfsAK7Tnl3LadfihWqALpo78Qg=; b=cvck+wSbHXpeMEHBb2thsgA1hJ9WpsaGZrGg0iVwi3UlFA0VdZuz0VZMb70IDzIXuU zNHMcFCoxmzc/ji2PTf5tEybpVJ/12c6bQjD0ZxL2wF6IicOD9i0EM6tln/AqtJFGYDd 5qC1PZTZhpd4D4/mxyiWJb94RnblIRA5QCm0K6BcB1O34DP+OEcB9Iy1LHA2a05XDgLj NtpVzhMOgepywkxdlIUEt85DQqFL9lks4zc6jxq0QFf1qr3gWg2WC7ejq/QxgSR11AWF rkO5JFNIQGus/pFqgMMbx3m1zQ8XmeG3dmppthnqDI1ZFomOqb+EuAgqs94UX7TuGNmT baqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:date:message-id:subject:to:cc :content-transfer-encoding; bh=/t9JVIyjIJ1oXv+5AZfsAK7Tnl3LadfihWqALpo78Qg=; b=orFcxGLxV4ll+a3rY5VnoqYaOOs7KFCZaPwRXqqU+jETikH2hGRslkyOPioIe/yhxZ W+fZvs4YqFM4lG1VDq7QWeHc54mlQtp7ZJthxQU4Oq+L9rp8P2CXO1myMwiMmeIQGaUM OrEEbre0sv6HidAFi83d0ykYHfYjf9yn8WRgGX+TCjhlTPMUEoI7MfXL0g7G+G6Sepn8 cW5FWqRF8KroHGsx2MNu9Gqzb4NMx/2vD83gf6l0rU38Ka+fucqdvSgp6L+5whJThN/b Lw07061O4oihh1Qn1dWWcXsbptSwzU7bkLGN+W1riox3BQNAeuSp99Y5J0D0CuLGqL7q mZ4Q==
X-Gm-Message-State: AOAM531wv2/h+2oW1zTqj25X8xyggKa5x9tnLmPUvJnmmNzNVmcHSepY pgfsHaK9Gw5YL9ak1ik4hiRENZ2QSxHIkfxVyMfI2gYMWOA=
X-Google-Smtp-Source: ABdhPJy4EAYsdtfjEEo9f9h4xpz7Q8cCfacnv1MTrVG6BihWJGfZ0aWOemR+iynkLZFyCorgWpxasE3QEG3fmWWMYCg=
X-Received: by 2002:a17:907:2805:: with SMTP id eb5mr14875316ejc.27.1605541998141; Mon, 16 Nov 2020 07:53:18 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Mon, 16 Nov 2020 07:53:17 -0800
From: Alvaro Retana <aretana.ietf@gmail.com>
MIME-Version: 1.0
Date: Mon, 16 Nov 2020 07:53:17 -0800
Message-ID: <CAMMESsxY8HwC7Vkdrc0Xy7ByCtuuaL3Zw2TuQjiGeVNwvcYCSg@mail.gmail.com>
To: draft-ietf-idr-bgp-ls-registry@ietf.org
Cc: "idr@ietf. org" <idr@ietf.org>, idr-chairs@ietf.org, "Dongjie (Jimmy)" <jie.dong@huawei.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/jg610Uyj_an91WLeZ9Izq6949e8>
Subject: [Idr] AD Review of draft-ietf-idr-bgp-ls-registry-01
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Nov 2020 15:53:22 -0000
Adrian: Hi! Thanks for your work on this document. I have some concerns about the text related to the motivation and the DE guidance, along with some minor comments and nits. Please see in-line below. Thanks! Alvaro. [Line numbers from idnits.] ... 12 Abstract 14 RFC 7752 defines Border Gateway Protocol - Link State (BGP-LS). IANA 15 created a registry consistent with that document called the "Border 16 Gateway Protocol - Link State (BGP-LS) Parameters Registry" with a 17 number of sub-registries. The allocation policy applied by IANA for 18 those policies is "Specification Required" as defined in RFC 8126. [minor] s/allocation policy applied by IANA for those policies/allocation policy applied by IANA for those registries/g ... 66 1. Introduction 68 Border Gateway Protocol - Link State (BGP-LS) [RFC7752] requested 69 IANA to create a registry consistent called the "Border Gateway 70 Protocol - Link State (BGP-LS) Parameters Registry" with a number of 71 sub-registries. The allocation policy applied by IANA for those 72 policies is "Specification Required" as defined in [RFC8126]. [nit] s/a registry consistent called/a registry called 74 The "Specification Required" policy requires evaluation of any 75 assignment request by a "Designated Expert" and guidelines for any 76 such experts are given in section 5.1 of [RFC7752]. In addition, 77 this policy requires "the values and their meanings must be 78 documented in a permanent and readily available public specification, 79 in sufficient detail so that interoperability between independent 80 implementations is possible" [RFC8126]. Further, the intention 81 behind "permanent and readily available" is that "a document can 82 reasonably be expected to be findable and retrievable long after IANA 83 assignment of the requested value" [RFC8126]. [nit] s/requires "the values/requires that "the values 85 It is often considered that it is the responsibility of the 86 Designated Expert to make a determination as to whether a 87 specification meets the requirement to be permanent and readily 88 publicly available. A degree of contention arises in this case 89 because Internet-Drafts are now permanently archived in the IETF&s 90 tools archive, yet each such document is marked with a piece of 91 boilerplate text as follows that brings doubt about its suitability 92 as a permanent record: [nit] s/IETF&s/IETF's 94 Internet-Drafts are draft documents valid for a maximum of six 95 months and may be updated, replaced, or obsoleted by other 96 documents at any time. It is inappropriate to use Internet-Drafts 97 as reference material or to cite them other than as "work in 98 progress." [major] Related to the use of IDs to satisfy Specification Required. The general practice is to let the DEs decide if an ID is sufficient. Clear instructions go a long way. The motivation discussed on the list is focused only on speeding up allocations by eliminating the rfc7120-related part of the process. This document is not the best place to introduce a discussion about the boilerplate, or the interpretation of other documents. Please reword the motivation. [] I know the conversation about IDs, their boilerplate, and the Specification Required policy has come up several times, and that rfc8126 didn't include the best possible text. I will bring this up to the IESG (again), but I suspect that the result will be to hold any potential changes until rfc8126bis (I think Michelle @ IANA mentioned that she was working on it). ... 129 2.1. Guidance for Designated Experts 131 Section 5.1 of [RFC7752] gives guidance to Designated Experts. This 132 section replaces that guidance. 134 In all cases of review by the Designated Expert (DE) described here, 135 the DE is expected to check the clarity of purpose and use of the 136 requested code points. Additionally, the DE must verify that any 137 request for one of these code points has been made available for 138 review and comment within the IETF: the DE will post the request to 139 the IDR Working Gorup mailing list (or a successor mailing list 140 designated by the IESG). If the request comes from within the IETF, 141 it should be documented in an Internet-Draft. Lastly, the DE must 142 ensure that any other request for a code point does not conflict with 143 work that is active or already published within the IETF. [nit] s/Gorup/Group [major] "the DE must verify that any request for one of these code points has been made available for review and comment within the IETF: the DE will post the request to the IDR..." The text in rfc7752 asks that "any specification produced in the IETF that requests one of these code points has been made available for review by the IDR..." But the updated text talks about the *request*, not the *specification*, which is what I assume is what you want idr to see, and is in line with the original instructions. Right? [major] On the same text... What is the expectation when posting the specification to idr? Can the DE move on once he/she sends a message to idr, or is there some feedback/discussion/confirmation expected? The text explicitly talks about being "available for review" -- what type of review is expected? [major] Related to possible WG feedback... How much attention are the DEs expected to pay to the WGs review? The Expert Review policy can clearly result in the allocation of codepoints to specifications that don't have IETF consensus/approval/favorable reviews... [major] "If the request comes from within the IETF..." How is it determined that the request comes from "within the IETF"? For example, the case where a draft is discussed/adopted in a WG, and the WG (not just the authors) decide to ask for an allocation seems like a case where the request comes from "within the IETF": the WG making the request is part of the IETF. What are other cases? [major] Do you really want all the sub-registries to use the same DE instructions? An important difference between Expert Review and Specification Required is that the former is not covered by the early allocation process in rfc7120 -- which, I think is part of the objective. The space in the registries is large (so there shouldn't be significant issues with unused codepoints), except for the "BGP-LS Protocol-IDs" one which only has 255 possible values; that is still pretty big for its purpose. Just want to check everyone is ok with this. An alternative would be to still use Expert Review, and to add rfc7370-like instructions. In short: the DE would follow an Early Allocation process akin to rfc7120 (just for this sub-registry)...not only when assigning a value, but also if deallocation is needed. [major] Why isn't rfc2119 language used in the DE instructions? As written, the DEs, for example, can decide to not enforce the ID requirement for no good reason. 145 3. Security Considerations ... 149 Note that the change to the expert review guidelines make the 150 registry and the Designated Experts slightly more vulnerable to 151 denial of service attacks through excessive and bogus requests for 152 code points. It is expected that the registry cannot be effectively 153 attacked because the Designated Experts would, themselves, fall to 154 any such attack first. Designated Experts are expected to report to 155 the IDR working group chairs and responsible Area Director if they 156 believe an attack to be in progress, and should immediately halt all 157 requests for allocation. This may temporarily block all legitimate 158 risks until mitigations have been put in place. [nit] s/the change...make/the change...makes [minor] s/block all legitimate risks/block all legitimate requests 160 This change in allocation policy should not have any effect on the 161 integrity of BGP-LS since there is no change to the review 162 requirements for the work that underlies the request. [major] Yes, there is!! Specification Required asks for a specification to be stable (discussion, adoption in a WG, etc.) before granting (early) allocation -- this document leaves that decision to the DEs and what they may consider to be "clear".
- [Idr] AD Review of draft-ietf-idr-bgp-ls-registry… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Adrian Farrel
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Alvaro Retana
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Les Ginsberg (ginsberg)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Ketan Talaulikar (ketant)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Adrian Farrel
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Adrian Farrel
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Adrian Farrel
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Ketan Talaulikar (ketant)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Susan Hares
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Les Ginsberg (ginsberg)
- Re: [Idr] AD Review of draft-ietf-idr-bgp-ls-regi… Acee Lindem (acee)