Re: [sidr] WGLC: draft-ietf-sidr-rtr-keying - finishes - 10/16/2017 - Oct 16, 2017

"Borchert, Oliver (Fed)" <oliver.borchert@nist.gov> Thu, 12 October 2017 21:44 UTC

From: "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>
To: Christopher Morrow <christopher.morrow@gmail.com>
CC: "sidr@ietf.org" <sidr@ietf.org>, "sidr-chairs@ietf.org" <sidr-chairs@ietf.org>, "sidr-ads@ietf.org" <sidr-ads@ietf.org>, "draft-ietf-sidr-rtr-keying@ietf.org" <draft-ietf-sidr-rtr-keying@ietf.org>, "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>, "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>
Date: Thu, 12 Oct 2017 21:43:43 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/1U276_jWb6ytaT2ezR7OOrDtAuI>
Subject: Re: [sidr] WGLC: draft-ietf-sidr-rtr-keying - finishes - 10/16/2017 - Oct 16, 2017

Hi,

I believe this draft is important. That said, I also believe that it needs some more work before it is ready to advance to IESG review.

Sriram and I were reading the draft carefully and after some discussion, I added our findings into the document itself.

For easier reading, I added the comments as an attachment in PDF form.

The main issues we identified were in sections 5, 6, and 8 of the document.

Sections 5 and 6 are not easy to understand and the flow is somewhat confusing. We propose to restructure sections 5 and 6 into three sections, each section having a well-defined outcome.

This makes it easier for an implementer to understand what to do and what is expected.

Also in section 8, we identified some overlap with draft-ietf-sidrops-bgpsec-rollover-02. We propose some changes and references to mitigate the overlaps.

Once our concerns are addressed, we believe that the document should advance to IESG.

We are willing to help out in any capacity.

Thanks,

Oliver

From: sidr [mailto:sidr-bounces@ietf.org] On Behalf Of Christopher Morrow
Sent: Monday, October 02, 2017 11:14 PM
To: sidr@ietf.org; sidr-chairs@ietf.org; sidr-ads@ietf.org
Subject: [sidr] WGLC: draft-ietf-sidr-rtr-keying - finishes - 10/16/2017 - Oct 16, 2017

WG Folk,
I thought I had sent this note out previously, but... better late than never sent:

Please consider this the WGLC for:
  https://tools.ietf.org/html/draft-ietf-sidr-rtr-keying-13

Abstract:
  "BGPsec-speaking routers are provisioned with private keys in order to
   sign BGPsec announcements.  The corresponding public keys are
   published in the global Resource Public Key Infrastructure, enabling
   verification of BGPsec messages.  This document describes two methods
   of generating the public-private key-pairs: router-driven and
   operator-driven."

Please send along comments/complaints/issues/kudos (to the authors), to the list and I'll see you all in ~14 or so days.

Thanks!
-chris
co-chair