Protocol Action: 'The Use of maxLength in the RPKI' to Best Current Practice (draft-ietf-sidrops-rpkimaxlen-15.txt)
The IESG <iesg-secretary@ietf.org> Fri, 19 August 2022 18:39 UTC
To: IETF-Announce <ietf-announce@ietf.org>
The IESG has approved the following document:
- 'The Use of maxLength in the RPKI'
  (draft-ietf-sidrops-rpkimaxlen-15.txt) as Best Current Practice

This document is the product of the SIDR Operations Working Group.

The IESG contact persons are Warren Kumari and Robert Wilton.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpkimaxlen/

Technical Summary

   This document recommends ways to reduce the forged-origin hijack
   attack surface by prudently limiting the set of IP prefixes that are
   included in a Route Origin Authorization (ROA). One recommendation is
   to avoid using the maxLength attribute in ROAs except in some specific
   cases. The recommendations complement and extend those in RFC 7115.
   The document also discusses the creation of ROAs for facilitating the
   use of Distributed Denial of Service (DDoS) mitigation services.
   Considerations related to ROAs and origin validation in the context of
   destination-based Remote Triggered Black Hole (RTBH) filtering are
   also highlighted.

Working Group Summary

   The document went through 9 revisions in the WG, had good
   conversation during meetings as well as on-list.

Document Quality

   The document is well written and clear.

Personnel

   Chris Morrow is the DS
   Warren Kumari is, as always, RAD!!!!

IESG Note:

   RFC Editor: Please add this document to BCP185.
   (this is just a request to the RFC Editor; and shouldn't be added to
   the document itself)
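
Added illustration, not part of the IESG announcement or of the draft's own text: a Python audit sketch that applies RFC 6811 route origin validation to a ROA with a loose maxLength and to a minimal one, and lists the prefixes a ROA authorizes that the holder does not announce. The prefixes (192.0.2.0/24, 198.51.100.0/24), the AS numbers (64496, 64511) and all function names are constructed for the example.

```python
import ipaddress

def validate(route_prefix, origin_as, vrps):
    """RFC 6811 outcome for one route against (prefix, maxLength, asn) tuples."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp_prefix, max_len, vrp_as in vrps:
        vrp = ipaddress.ip_network(vrp_prefix)
        if route.version != vrp.version or not route.subnet_of(vrp):
            continue                      # this ROA entry does not cover the route
        covered = True
        if route.prefixlen <= max_len and origin_as == vrp_as:
            return "valid"
    # Covered by some entry but matched by none -> invalid; no cover -> not-found.
    return "invalid" if covered else "not-found"

def unannounced_authorized(vrp, announced):
    """Prefixes the ROA entry authorizes that are absent from the announced set."""
    prefix, max_len, _asn = vrp
    net = ipaddress.ip_network(prefix)
    authorized = set()
    for plen in range(net.prefixlen, max_len + 1):
        authorized.update(net.subnets(new_prefix=plen))
    return sorted(authorized - {ipaddress.ip_network(p) for p in announced})

# Constructed sample data: the holder announces only the /24 in BGP.
ANNOUNCED = ["192.0.2.0/24"]
LOOSE = [("192.0.2.0/24", 26, 64496)]     # maxLength wider than what is announced
MINIMAL = [("192.0.2.0/24", 24, 64496)]   # covers exactly the announced prefix

if __name__ == "__main__":
    # Origin validation checks only the origin AS, so a more-specific route
    # carrying the legitimate origin AS passes whenever maxLength allows it.
    for name, roa in (("loose", LOOSE), ("minimal", MINIMAL)):
        spare = unannounced_authorized(roa[0], ANNOUNCED)
        print(name, "ROA: authorized but unannounced =", len(spare))
        print("  192.0.2.0/25 origin AS64496 ->",
              validate("192.0.2.0/25", 64496, roa))
```

A non-empty result from unannounced_authorized() flags a ROA whose maxLength authorizes more than the holder actually routes.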