Re: [Idr] Can we eliminate the "IETF Review" Capablities range? [was: Re: I-D Action: draft-ietf-idr-capabilities-registry-change-04.txt]
tom petch <ietfc@btconnect.com> Thu, 23 May 2019 16:33 UTC
Return-Path: <ietfc@btconnect.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E15C120132 for <idr@ietfa.amsl.com>; Thu, 23 May 2019 09:33:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.247
X-Spam-Level:
X-Spam-Status: No, score=0.247 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RATWARE_MS_HASH=2.148, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 28GrEpXvElKL for <idr@ietfa.amsl.com>; Thu, 23 May 2019 09:33:10 -0700 (PDT)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140128.outbound.protection.outlook.com [40.107.14.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD70012011D for <idr@ietf.org>; Thu, 23 May 2019 09:33:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector1-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7bLVp9yoMtTtSwr81VOZtii1t7G1T5ay+Q/FHh2yyRU=; b=OF0CaeACHB3DVeU1DEHDhkmrwM6vLLYLcA+ijuxhkfQ5egzJQlNJDS+v0SCBTDgC2+0+7vw90b7vxvW0Ids2EvOfeMwHqVbjfBnSI30tCblHYwhaHLDieNN0ftNbxgPbLsCSYgbYJbg7vuSsdT84GTKgfL/krUyumxu44c36A2Y=
Received: from VI1PR07MB3118.eurprd07.prod.outlook.com (10.175.242.156) by VI1PR07MB3488.eurprd07.prod.outlook.com (10.175.244.154) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1943.9; Thu, 23 May 2019 16:33:05 +0000
Received: from VI1PR07MB3118.eurprd07.prod.outlook.com ([fe80::7537:44ee:88c1:dd6d]) by VI1PR07MB3118.eurprd07.prod.outlook.com ([fe80::7537:44ee:88c1:dd6d%7]) with mapi id 15.20.1943.007; Thu, 23 May 2019 16:33:05 +0000
From: tom petch <ietfc@btconnect.com>
To: "idr@ietf.org" <idr@ietf.org>, John Scudder <jgs=40juniper.net@dmarc.ietf.org>
Thread-Topic: [Idr] Can we eliminate the "IETF Review" Capablities range? [was: Re: I-D Action: draft-ietf-idr-capabilities-registry-change-04.txt]
Thread-Index: AQHVEYUyVIsCWqG9LUSO7O62sTvrZg==
Date: Thu, 23 May 2019 16:33:05 +0000
Message-ID: <015701d51184$a55712c0$4001a8c0@gateway.2wire.net>
References: <155860518236.3859.4116481267193969204@ietfa.amsl.com> <F34580D3-0033-45CA-B90A-78A37DE22F9B@juniper.net>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-clientproxiedby: LO2P265CA0234.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:b::30) To VI1PR07MB3118.eurprd07.prod.outlook.com (2603:10a6:802:20::28)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ietfc@btconnect.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: Microsoft Outlook Express 6.00.2800.1106
x-originating-ip: [86.139.215.234]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 15e7f2be-541b-48ee-a8ae-08d6df9c54bb
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(2017052603328)(7193020); SRVR:VI1PR07MB3488;
x-ms-traffictypediagnostic: VI1PR07MB3488:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <VI1PR07MB34888A6A5981433B2D9B52DBA0010@VI1PR07MB3488.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:3631;
x-forefront-prvs: 00462943DE
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(346002)(396003)(366004)(39860400002)(376002)(199004)(189003)(13464003)(1556002)(81156014)(81166006)(8936002)(52116002)(110136005)(76176011)(84392002)(81816011)(8676002)(61296003)(66574012)(14454004)(50226002)(7736002)(3846002)(99286004)(2906002)(305945005)(81686011)(14496001)(68736007)(53546011)(6506007)(386003)(6116002)(102836004)(186003)(62236002)(2501003)(66946007)(73956011)(64756008)(66556008)(66476007)(66446008)(478600001)(14444005)(44716002)(256004)(25786009)(229853002)(6512007)(6306002)(6436002)(5660300002)(86152003)(6486002)(9686003)(44736005)(4720700003)(316002)(26005)(966005)(66066001)(71200400001)(86362001)(446003)(53936002)(486006)(71190400001)(6246003)(476003)(74416001)(7726001); DIR:OUT; SFP:1102; SCL:1; SRVR:VI1PR07MB3488; H:VI1PR07MB3118.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:0; MX:1;
received-spf: None (protection.outlook.com: btconnect.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Xv3vijErw2kxrK8c0znfEzsMpRMZ5kGw21jo394bR26W0gJSKEETe/XJ9W38l6I3DbsYUlVhcRFuVVe/vduNmTlg6/hhne8mteATZkUWZa2u6MtYYo0Tdb4Sqng5k+5j7UoFCeoxZgu/QBKpLUStV8fwB3Xt683znqA3l2+CCF987/RzJnxW9OD8miwlO3673ojg1iJXJHc35pbP/XwVnhviIoXvCMQTiFqyb4qmcWHYcwjDbWRBdSVG9rx3glu1/yNetc5rQK9taR3UjAQ47oK2IClRwGjF1XWAAsdQ92L6LP/5Y8QzfLPygwmcZvjn58pPUn1nS4G+2hV7KNwLvkzx00Uab3tN8nzRW9e6Td88OSLCBoSZfufR912cHDlKpk5ZZ5rRViGRyemOTWMrhMup/k+OvgIZTl+Y2bSG+ZE=
Content-Type: text/plain; charset="utf-8"
Content-ID: <5708ADA7C7C33B4691A521A35674D43C@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 15e7f2be-541b-48ee-a8ae-08d6df9c54bb
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 May 2019 16:33:05.2178 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ietfc@btconnect.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB3488
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/plQhywZTU42VXngHeZDU7WUSbJc>
Subject: Re: [Idr] Can we eliminate the "IETF Review" Capablities range? [was: Re: I-D Action: draft-ietf-idr-capabilities-registry-change-04.txt]
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 May 2019 16:33:12 -0000
----- Original Message ----- From: "John Scudder" <jgs=40juniper.net@dmarc.ietf.org> Sent: Thursday, May 23, 2019 11:10 AM > On May 23, 2019, at 12:53 PM, internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Inter-Domain Routing WG of the IETF. > > Title : Revision to Capability Codes Registration Procedures > Author : John Scudder > Filename : draft-ietf-idr-capabilities-registry-change-04.txt > Pages : 5 > Date : 2019-05-23 > > This is a version bump to refresh the draft, which had expired. There are two outstanding points I can think of: > > 1. I’ve received a report of another use of Capability 129 (different from the one reported in the draft). I’m following up with the reporter to find out if that needs to be documented in the draft, if it does I’ll issue a revision. > > 2. The draft currently leaves Capabilities 1-63 as “IETF Review”. As I ’ve mentioned in another thread recently, I’ve become skeptical of the value of splitting registries between IETF Review and FCFS. Here are some options, listed in order of my own preference: > > 2.a. Make 1-238 all FCFS. > Pro: this is the easiest allocation policy with the least admin overhead. There is no decision required as to which range to select, so less confusion. > Con: there’s a theoretical risk of the number space being completely consumed, without any formal way for the WG to prevent it. (A “run on the bank”.) > Rebuttal: this hasn’t been seen to happen in practice. Also, we do reserve 255 in case we need it for future extension. > > 2.b. Make 1-63 Reserved, 64-238 FCFS. > Pro: as above, but without the chance that the number space could be completely consumed since 1-63 is protected. If that range is needed in the future, another draft can be written to reclassify it as IETF Review again, or as whatever is desired at that time. > Con: it’s a slightly more complicated solution to what may be a non-problem. > > 2.c. Leave it as written in version 04, 1-63 IETF Review, 64-238 FCFS. > Pro: it’s what we’ve already been discussing and nobody (other than me, in this note) has raised an objection so far. > Con: authors are required to choose between the two ranges, experience shows that many assume that IETF Review is “better” for some reason. This holds up number allocation, retards implementation, and invokes additional administrative overhead without returning any concrete benefit. > > I’d be interested in discussion of these options. Once these points are settled IMO the draft is ready for last call. John I see it as a question of security. The Internet used to consist of friendly, helpful people who worked together to make it happen. Now there is a whole raft of evil people, some state actors, some individual, some corporate - in fact, actors of any kind. So, if we make it FCFS, and an evil actor sets out to sabotage us, what mechanisms do we have to stop them? Think of the kind of mechanisms that routers have to stop them being overwhelmed. As RFC8126says, " It is also important to understand that First Come First Served really has no filtering. Essentially, any well-formed request is accepted." so we have no defence against a DoS attack. We have not had one such yet but as they say of pilots, there are those who have landed with the wheels up and there are those who will land with the wheels up. We should reserve enough entries, i.e. IETF Review, to accommodate our needs for, say, the next decade. Tom Petch > Thanks, > > —John > ------------------------------------------------------------------------ -------- > _______________________________________________ > Idr mailing list > Idr@ietf.org > https://www.ietf.org/mailman/listinfo/idr >
- [Idr] I-D Action: draft-ietf-idr-capabilities-reg… internet-drafts
- [Idr] Can we eliminate the "IETF Review" Capablit… John Scudder
- Re: [Idr] Can we eliminate the "IETF Review" Capa… tom petch
- Re: [Idr] Can we eliminate the "IETF Review" Capa… Donald Eastlake
- Re: [Idr] Can we eliminate the "IETF Review" Capa… John Scudder
- Re: [Idr] Can we eliminate the "IETF Review" Capa… bruno.decraene
- Re: [Idr] Can we eliminate the "IETF Review" Capa… Jeffrey Haas
- Re: [Idr] Can we eliminate the "IETF Review" Capa… Jeffrey Haas