Re: [OPSEC] draft-jdurand-bgp-security comment

Marc Blanchet <marc.blanchet@viagenie.ca> Thu, 02 August 2012 05:59 UTC

As said on the mike today (and repeating for people not attending), adding to what was sent below, RFC5156 is being discussed in IESG to be put historic because the caveat of listing prefixes in an RFC is that later, other prefixes come by and the RFC has to be revised. There are some discussions about having a registry with some of this info, but I'm not sure it would fit with all the "routing advice" that can be put into a registry. There are a few different classes of prefixes, some are easy: don't announce, filter out, but others are more complicated to be put in a column-structured registry (i.e. 2002::/16 announce if you are offering a relay service, you may accept but look at this document for issues, …).

So I don't have a clear solution or proposal yet, but I urged authors to follow the intarea AD resolution about the ipv6-special-prefixes-RFC5156-registry result that you may want then to reference and cut text in yours, if the resulting registry or work is sufficiently complete to fit what is already discussed in your document.

Marc.

On 2012-08-01 at 14:41, Marc Blanchet wrote:

> Hello,
> 
> <extract of draft>
> 4.1.1.2.  IPv6
> 
>    There is no equivalent of RFC5735 for IPv6.  This document recalls
>    the prefixes that MUST not cross network boundaries and therefore
>    MUST be filtered:
> </extract of draft>
> 
> There is an equivalent of RFC5735 for IPv6. It is RFC5156 and touches the same content in that section.
> 
> Marc.