Re: [Idr] Shepherd report on draft-ietf-idr-bgp-bestpath-selection-criteria-11.txt

"Susan Hares" <shares@ndzh.com> Tue, 04 June 2019 11:23 UTC

Return-Path: <shares@ndzh.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0C5D12006D; Tue, 4 Jun 2019 04:23:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.948
X-Spam-Level:
X-Spam-Status: No, score=0.948 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DOS_OUTLOOK_TO_MX=2.845, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x2JbZGjTpREe; Tue, 4 Jun 2019 04:23:50 -0700 (PDT)
Received: from hickoryhill-consulting.com (50-245-122-100-static.hfc.comcastbusiness.net [50.245.122.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5277512002F; Tue, 4 Jun 2019 04:23:50 -0700 (PDT)
X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=174.124.224.176;
From: "Susan Hares" <shares@ndzh.com>
To: <idr@ietf.org>
Cc: <draft-ietf-idr-bgp-bestpath-selection-criteria@ietf.org>
References: <006601d51ac6$e8e7cd90$bab768b0$@ndzh.com>
In-Reply-To: <006601d51ac6$e8e7cd90$bab768b0$@ndzh.com>
Date: Tue, 4 Jun 2019 07:23:45 -0400
Message-ID: <007f01d51ac7$f9409130$ebc1b390$@ndzh.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0080_01D51AA6.72309EE0"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQGKJ2JIa3waJ8XdejCra0UQmRY1lKchP8TQ
Content-Language: en-us
X-Antivirus: AVG (VPS 190604-1, 06/03/2019), Outbound message
X-Antivirus-Status: Not-Tested
X-Authenticated-User: skh@ndzh.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/wr_SVGr30xvEmldqleSqqaHNnp8>
Subject: Re: [Idr] Shepherd report on draft-ietf-idr-bgp-bestpath-selection-criteria-11.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Jun 2019 11:23:52 -0000

I missed one other editorial issue that must be resolved in the abstract in
version 12. 

 

 

Old:/    BGP specification prescribes 'BGP next-hop reachability' as one

   of the key 'Route Resolvability Condition' that must be satisfied

   before the BGP bestpath candidate selection./

 

New:/ BGP specification (RFC4271) prescribes 'BGP next-hop reachability' as
one

   of the key 'Route Resolvability Condition' that must be satisfied

   before the BGP bestpath candidate selection./

 

Sue  Hares 

 

From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Susan Hares
Sent: Tuesday, June 4, 2019 7:16 AM
To: idr@ietf.org
Subject: [Idr] Shepherd report on
draft-ietf-idr-bgp-bestpath-selection-criteria-11.txt

 

Basic status:  ready for IESG with two additions

 

1.       RFC5512 is being replaced by draft-ietf-tunnel-encaps-12.txt 

 

        Page 3., section 3, paragraph 2: 

 

    OLD: /A dynamic signaling such as BGP encapsulation SAFI (or tunnel
encap attribute)

              may be used to convey the data plane protocol chosen by the
policy/

   New:/A dynamic signaling such as BGP encapsulation SAFI [RFC5512], or 

              Tunnel encapsulation attribute
[draft-ietf-idr-tunnel-encap-12.txt] 

              may be used to convey the data plane protocol chosen by the
policy./ 

 

  Why:  draft-idr-tunnel-encaps-12.txt is going to hit the IESG on June 7th
(see John's email)

             Alvaro (AD) and  IESG will probably ask for the change.  

 

   Choice: Leave this until AD reviews with my comments or 

                  change to my text.  It can be an informative reference to
[draft-ietf-idr-tunnel-encap-12.txt]

 

https://datatracker.ietf.org/doc/draft-ietf-idr-bgp-bestpath-selection-crite
ria/

 

2.       Your security statement is not strong enough. 

   

 IHMO, this feature can actual help OAM reduce one attack fact.  

 

  Old: /This draft doesn't impose any additional security constraints./

 

  New:/ While this daft does not specifically add any additional security
constraints, 

                it can provide support a general error handling that
improves the security against some attacks. 

 

                The resolving a route to a particular forwarding path allows
BGP routes to be selected on 

               a currently available forwarding path.  This feature allows
the OAM to only select and 

               track active paths rather than "possible paths".  The BGP
"possible paths" provide one 

              attack face for insertion of routes that resolve these
"possible paths" at a later time. / 

 

     If this set of comments work for you, please update this in version-12.


    If not, please consider how to strengthen the security section in
version-12.txt. 

 

 

Once I see your updates in version-12, I will send this off to the IESG. 

 

Cheerily, Susan Hares