Re: [sidr] Injecting idea of "freshness of repository data" into BGP
Terry Manderson <terry.manderson@icann.org> Wed, 28 March 2012 08:30 UTC
Return-Path: <terry.manderson@icann.org>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD8DB21F8899 for <sidr@ietfa.amsl.com>; Wed, 28 Mar 2012 01:30:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.545
X-Spam-Level:
X-Spam-Status: No, score=-106.545 tagged_above=-999 required=5 tests=[AWL=0.054, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ovyLudoQ54v for <sidr@ietfa.amsl.com>; Wed, 28 Mar 2012 01:30:09 -0700 (PDT)
Received: from EXPFE100-2.exc.icann.org (expfe100-2.exc.icann.org [64.78.22.237]) by ietfa.amsl.com (Postfix) with ESMTP id 355A821F8890 for <sidr@ietf.org>; Wed, 28 Mar 2012 01:30:06 -0700 (PDT)
Received: from EXVPMBX100-1.exc.icann.org ([64.78.22.232]) by EXPFE100-2.exc.icann.org ([64.78.22.237]) with mapi; Wed, 28 Mar 2012 01:30:05 -0700
From: Terry Manderson <terry.manderson@icann.org>
To: Jeffrey Haas <jhaas@pfrc.org>, "sidr@ietf.org" <sidr@ietf.org>
Date: Wed, 28 Mar 2012 01:30:03 -0700
Thread-Topic: [sidr] Injecting idea of "freshness of repository data" into BGP
Thread-Index: Ac0Mu5MAdvpX0+KIQjuOtxoyEGbdHQAAWW6c
Message-ID: <CB99092B.23A02%terry.manderson@icann.org>
In-Reply-To: <20120328081939.GA19843@slice>
Accept-Language: en-US
Content-Language: en
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="B_3415804203_10487216"
MIME-Version: 1.0
Subject: Re: [sidr] Injecting idea of "freshness of repository data" into BGP
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 08:30:16 -0000
Jeff, On 28/03/12 6:19 PM, "Jeffrey Haas" <jhaas@pfrc.org> wrote: > Per my mic comment at IETF 83: > During the San Diego interim session we had discussed potentially signaling > in BGP the idea that a given AS may have fresher data available in its > repository. > > My original thought had been something along the lines of a new AFI/SAFI > that contains this data. Matt L., in discussing this point at the mic with > me, suggested something that has resemblence to the serial number field in > DNS. For example, this field could go into the "reserved" field that a > route originator puts into the signature. If the serial number increases, > this could suggest that fresher information is present in that originator's > repository. I think this is interesting. I think I would further like an assessment/disussion of this "serial number" being consistent between the BGP information, the RPKI repository, and this through the validated cache and presented to the router via rpki-rtr. It may well present far too many error situations by doing that, but may also provide a brilliant statement of a consistent view matching origination intent in a time and space perspective. 0.02c > > Discussion around this mechanism: > - If this is part of a given route's signature block, the issue is that a > given origin may be seen with a number of serial numbers depending on > propagation of BGP routes. > - Such a serial number is important not only for the originator of a route, > but also all parties participating in the signature. > This particular details suggests to me that such signaling probably should > be separate from the signatures. > - By being part of the signature, we get some level of freshness in things > in a route-by-route basis and less likely that a completely separate > "route" that is repository freshness is dropped. >
- [sidr] Injecting idea of "freshness of repository… Jeffrey Haas
- Re: [sidr] Injecting idea of "freshness of reposi… Terry Manderson
- [sidr] Freshness belt and suspenders .... DougM lists
- Re: [sidr] Injecting idea of "freshness of reposi… Jeffrey Haas
- Re: [sidr] Injecting idea of "freshness of reposi… Christopher Morrow
- Re: [sidr] Injecting idea of "freshness of reposi… Danny McPherson
- Re: [sidr] Injecting idea of "freshness of reposi… Murphy, Sandra
- Re: [sidr] Injecting idea of "freshness of reposi… Jeffrey Haas
- Re: [sidr] Injecting idea of "freshness of reposi… Jakob Heitz
- Re: [sidr] Injecting idea of "freshness of reposi… Jakob Heitz
- Re: [sidr] Injecting idea of "freshness of reposi… Jeffrey Haas
- Re: [sidr] Injecting idea of "freshness of reposi… Joel jaeggli
- Re: [sidr] Injecting idea of "freshness of reposi… Randy Bush
- Re: [sidr] Injecting idea of "freshness of reposi… Jeffrey Haas
- Re: [sidr] Injecting idea of "freshness of reposi… Randy Bush
- Re: [sidr] Injecting idea of "freshness of reposi… Jeffrey Haas
- Re: [sidr] Injecting idea of "freshness of reposi… Randy Bush
- Re: [sidr] Injecting idea of "freshness of reposi… Andrew Lange
- Re: [sidr] Injecting idea of "freshness of reposi… Danny McPherson
- Re: [sidr] Injecting idea of "freshness of reposi… DougM lists
- Re: [sidr] Injecting idea of "freshness of reposi… Andy Newton
- Re: [sidr] Injecting idea of "freshness of reposi… Christopher Morrow
- Re: [sidr] Injecting idea of "freshness of reposi… Arturo Servin
- Re: [sidr] Injecting idea of "freshness of reposi… Matthias Waehlisch
- Re: [sidr] Injecting idea of "freshness of reposi… Danny McPherson
- Re: [sidr] Injecting idea of "freshness of reposi… Eric Osterweil
- Re: [sidr] Injecting idea of "freshness of reposi… Robert Raszuk
- Re: [sidr] Injecting idea of "freshness of reposi… Eric Osterweil