Re: Genart last call review of draft-ietf-grow-large-communities-usage-06
Stewart Bryant <stewart.bryant@gmail.com> Wed, 19 April 2017 08:46 UTC
To: Job Snijders <job@instituut.net>
Cc: gen-art@ietf.org, grow@ietf.org, draft-ietf-grow-large-communities-usage.all@ietf.org, ietf@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/U7XKIdMoUDidkbLo_XdCz0bdIjQ>

On 19/04/2017 00:58, Job Snijders wrote:
>
>> ============
>>
>> 5. Security Considerations
>>
>> Operators should note the recommendations in Section 11 of BGP
>> Operations and Security [RFC7454].
>>
>> SB> You do not address the question of whether there are new
>> SB> considerations, or considerations that are of increased importance?
> It is my understanding that RFC 8092 "BGP Large Communities" are just
> like RFC 1997 "BGP Communities", but ... larger (for lack of better
> words). Referencing RFC 7454 seems plenteous.
>
> So, what if there are not any additional considerations, If there were,
> they would've been (or are) covered in RFC 8092's security section,
> right?
>
> This is an Internet-Draft targeted for Informational status, I'm not
> sure what you expect here.

I was wondering if there was more scope to make mischief at a distance in a less obvious way than before. If everyone is happy that there is no additional risk then I am fine, but seems to me the more knobs you give the mischief maker to turn the more security risks you have.

>> SB> Is there text somewhere that discusses the integrity and
>> SB> synchronization of the parameters and any consequences that arise?
> the what now? Can you elaborate on the above?

So you rely on the nodes that receive these community strings to interpret them in a common way. Maybe this is an already solved problem, or a known risk, but what if the dictionaries get out of sync?

>> ===========
>>
>> Minor issues:
>>
>> 2.2. Action Communities
>>
>> Action Communities are added as a label to request that a route be
>> treated in a particular way within an AS. The operator of the AS
>> defines a routing policy that adjusts path attributes based on the
>> community. For example, the route's propagation characteristics,
>> the LOCAL_PREF (local preference), the next-hop, or the number of
>> AS_PATH prepends to be added when it is received or propagated can
>> be changed.
>>
>> SB> Although these are well known to the target audience, I think you
>> SB> need some references in the above para.
> What reference would you suggest? You feel the section 2.2 text cannot
> stand on its own?

As I said I imagine that all readers will know the definition of LOCAL_PREF and AS_PATH, but normally we give a reference in a document like this.

- Stewart