Re: [sidr] AD Review of sidr-origin-validation-signaling-09

"John G. Scudder" <jgs@juniper.net> Wed, 30 November 2016 02:08 UTC

Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
From: "John G. Scudder" <jgs@juniper.net>
In-Reply-To: <yj9od1hdrah8.wl%morrowc@ops-netman.net>
Date: Tue, 29 Nov 2016 21:08:11 -0500
Content-Transfer-Encoding: quoted-printable
Message-ID: <F173D66B-3A4F-4C96-BFE2-02D83D8EB17B@juniper.net>
References: <88A45E79-880B-4F82-9FAA-80C05627A49F@cisco.com> <917E9000-8F1F-4E4F-BDEC-767E3510A71A@juniper.net> <yj9od1hdrah8.wl%morrowc@ops-netman.net>
To: Chris Morrow <morrowc@ops-netman.net>
Received-SPF: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Nov 2016 02:08:19.3398 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO2PR05MB2501
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/EjLb87p9Y4A59U863qppeburTps>
Cc: "sidr@ietf.org" <sidr@ietf.org>, "sidr-chairs@ietf.org" <sidr-chairs@ietf.org>, "draft-ietf-sidr-origin-validation-signaling@ietf.org" <draft-ietf-sidr-origin-validation-signaling@ietf.org>, "Sandra L. Murphy" <sandy@tislabs.com>
Subject: Re: [sidr] AD Review of sidr-origin-validation-signaling-09
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Nov 2016 02:08:25 -0000

On Nov 29, 2016, at 9:02 PM, Chris Morrow <morrowc@ops-netman.net> wrote:
> Of course, just wiping out the prefixes in flight

Right, exactly. The OV "attack" is just a baroque version of underclaiming, only it's an inferior version because there's a greater audit trail.

> and stitching back
> together the tcp session... same effect.

Not sure why you have to stitch back together the TCP session? I thought you were supposing the "attacker" was the edge node, it can just apply an export policy towards the core.

--John

[sidr] AD Review of sidr-origin-validation-signal… Alvaro Retana (aretana)
Re: [sidr] AD Review of sidr-origin-validation-si… Randy Bush
Re: [sidr] AD Review of sidr-origin-validation-si… Alvaro Retana (aretana)
Re: [sidr] AD Review of sidr-origin-validation-si… John G. Scudder
Re: [sidr] AD Review of sidr-origin-validation-si… Randy Bush
Re: [sidr] AD Review of sidr-origin-validation-si… Chris Morrow
Re: [sidr] AD Review of sidr-origin-validation-si… John G. Scudder
Re: [sidr] AD Review of sidr-origin-validation-si… Chris Morrow
Re: [sidr] AD Review of sidr-origin-validation-si… Randy Bush
Re: [sidr] AD Review of sidr-origin-validation-si… John G. Scudder
Re: [sidr] AD Review of sidr-origin-validation-si… Randy Bush
Re: [sidr] AD Review of sidr-origin-validation-si… Chris Morrow
Re: [sidr] AD Review of sidr-origin-validation-si… Randy Bush
Re: [sidr] AD Review of sidr-origin-validation-si… John G. Scudder
Re: [sidr] AD Review of sidr-origin-validation-si… Alvaro Retana (aretana)
Re: [sidr] AD Review of sidr-origin-validation-si… Randy Bush