IETF Logo Mail Archive

[savnet] Re: Ketan Talaulikar's Discuss on draft-ietf-savnet-intra-domain-problem-statement-23: (with DISCUSS and COMMENT)

Joel Halpern <jmh.direct@joelhalpern.com> Mon, 20 April 2026 17:19 UTC

Return-Path: <jmh.direct@joelhalpern.com>
X-Original-To: savnet@mail2.ietf.org
Delivered-To: savnet@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 90C51DFAD823; Mon, 20 Apr 2026 10:19:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1776705588; bh=ZRoJWrSlzeUg7jw7WIclfuC8BG89mJBdRzJsoimRijg=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=XCKl71LbijW1ZQkYUp1xqsdXbXYaiA5v/BavnibjyE4Ys+uHpSTwfmNOlnodqg/mn +lg153bYtsxukwCayFtVO9v2jM93Xry52SznDLgn5K0Sr0mQoJ3Mfo8QMdK1aSRaX1 w6caXLKMH0hycuSKURpvIeNHdWa/v7aphZnuzD6A=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.798
X-Spam-Level:
X-Spam-Status: No, score=-2.798 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A_0NjcUte_vW; Mon, 20 Apr 2026 10:19:48 -0700 (PDT)
Received: from maila2.tigertech.net (maila2.tigertech.net [208.80.4.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id E6490DFAD81C; Mon, 20 Apr 2026 10:19:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1776705587; bh=LfEtO9i50tvYFHBWOtujin43vgPlZBZk8V4E3DyRhWo=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=jyVc3oPrNIgmKNd7sQ6v2JqNfAQQ0Hfz4ks9HYiS9g/y0UbQFZ3jrjsZTexy9raVb ZVbBTulI+GfRWKtfEQthpnXHZJ8rppoQtXb6AZ4bqlYi+bEmQ9VQAHvoAOmy2+uK34 h8QERUin9KvG8bcGH3d/DkMCnAeJ2gf4MsOs2Z2M=
Received: from localhost (localhost [127.0.0.1]) by maila2.tigertech.net (Postfix) with ESMTP id 4fzsg71Rnyz6L7VP; Mon, 20 Apr 2026 10:19:47 -0700 (PDT)
X-Quarantine-ID: <2XUgH3jYJgfw>
X-Virus-Scanned: Debian amavis at a2.tigertech.net
Received: from [IPV6:2600:8806:101:d200:d0e7:f519:ae09:ba19] (unknown [IPv6:2600:8806:101:d200:d0e7:f519:ae09:ba19]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by maila2.tigertech.net (Postfix) with ESMTPSA id 4fzsg50tTPz6LC5k; Mon, 20 Apr 2026 10:19:44 -0700 (PDT)
Content-Type: multipart/alternative; boundary="------------0lRFGVSVdmiIxNoTGDUuWg1t"
Message-ID: <3ba117c2-cb6a-4cb7-ba9e-75aea66839cc@joelhalpern.com>
Date: Mon, 20 Apr 2026 13:19:43 -0400
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: Ketan Talaulikar <ketant.ietf@gmail.com>, "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
References: <177624232468.966643.15222807959085603328@dt-datatracker-647897bf7-7f2k5> <6f76eb35.459a5.19d90f45970.Coremail.qinlc@mail.zgclab.edu.cn> <CAH6gdPz5J=P8dXVrZgAdCSXs+7Qia4Ywne1ffohohbjOQGqPbg@mail.gmail.com> <2cadf780.46f5f.19d96f0632f.Coremail.qinlc@mail.zgclab.edu.cn> <CAH6gdPyPAPWp7T2Ksga9dQVFzq6XsFPy2CJHoztKOK0eHSdSDQ@mail.gmail.com> <DS0PR09MB10598035206C0C8AE96C17E51842E2@DS0PR09MB10598.namprd09.prod.outlook.com> <DS0PR09MB10598985968DB7F503D38FE42842E2@DS0PR09MB10598.namprd09.prod.outlook.com> <CAH6gdPzGzdKQ_bBVgAwxF=ZpuKY=nwzk5a5M4HbePc16yZAakA@mail.gmail.com>
Content-Language: en-US
From: Joel Halpern <jmh.direct@joelhalpern.com>
In-Reply-To: <CAH6gdPzGzdKQ_bBVgAwxF=ZpuKY=nwzk5a5M4HbePc16yZAakA@mail.gmail.com>
Message-ID-Hash: YMHOKXHDJL2X2G32IBZDBOHZGSVHDJLS
X-Message-ID-Hash: YMHOKXHDJL2X2G32IBZDBOHZGSVHDJLS
X-MailFrom: jmh.direct@joelhalpern.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, "draft-ietf-savnet-intra-domain-problem-statement@ietf.org" <draft-ietf-savnet-intra-domain-problem-statement@ietf.org>, "savnet@ietf.org" <savnet@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [savnet] Re: Ketan Talaulikar's Discuss on draft-ietf-savnet-intra-domain-problem-statement-23: (with DISCUSS and COMMENT)
List-Id: Source Address Validation in Intra-domain and Inter-domain Networks <savnet.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/savnet/w-zOzde95aE3FArtY54rZW-mbAg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/savnet>
List-Help: <mailto:savnet-request@ietf.org?subject=help>
List-Owner: <mailto:savnet-owner@ietf.org>
List-Post: <mailto:savnet@ietf.org>
List-Subscribe: <mailto:savnet-join@ietf.org>
List-Unsubscribe: <mailto:savnet-leave@ietf.org>

To answer your question about what the WG thinks is covered, leaving the 
rest to the editors and other WG participants, I am replying below your 
text.

Yours,

Joel

On 4/20/2026 1:10 PM, Ketan Talaulikar wrote:
> Hi Sriram/All,
>
> Please see the inline clarifications and comments below.
>
>
> On Sun, Apr 19, 2026 at 11:24 PM Sriram, Kotikalapudi (Fed) 
> <kotikalapudi.sriram@nist.gov> wrote:
>
>     Hi Ketan, Joel, and all,
>
>     This is an updated version my previous post. It benefits from a
>     side discussion with Joel.
>
>     Upon further reflection, the concept of 'interface' has remained a
>     cornerstone of SAV work within this Working Group, consistent with
>     its historical role in SAV development. I think that Joel and
>     Lancheng were also pointing this out.
>
>
> KT> Historically, most of the SAV has been interface-based. 
> Ultimately, SAV will apply at interfaces. However, this was very 
> natural and normal for traditional (mostly inter-domain) cases where 
> it applied to Inter-AS links that served as clear demarcation 
> boundaries between ASes. When the WG discusses intra-domain SAV, I am 
> not very sure that will work out as well. Does the analysis of the WG 
> cover all of the following?
>
> a) The customer being an internal department or subsidiary of an 
> enterprise network?
> b) The customer being a broadband or mobile user - either a 
> residential or a business customer?
> c) The customer being someone that is deploying its workloads in the 
> DC? With host (container/VM/server) mobility within that DC and across 
> DCs (L2/L3) stretch?
>
> Will the WG cover all of these deployments? If yes, it would be good 
> to clarify. If not, please says so. I bring this up because I suspect 
> that applying SAV rules to only the host-to-router interface at the 
> network's edge might not be a very scalable solution, and it could 
> become very complex in cases of host mobility. If the WG still feels 
> that is how they want to tackle it, so be it - but it would be good to 
> call out these aspects.
>
Of these three, A is specifically and explicitly not covered. While the 
WG started out wanting to consider network internal interfaces, the 
discussion led to a clear conclusion that doing so was a bad idea, and 
the document is clear that network internals are out of scope.

B and C are bother covered by aspects of the topology as described in 
the problem statement draft.  The interfaces to those elements are part 
of the scope.  Details of how it would apply to mobile network protocols 
and architectures would presumably be in either the intra-domain 
architecture or intra-domain solutions document, depending upon what the 
WG concludes.

Thank you.

v2.43.4 | Report a Bug | By Email | System Status