Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-overview ENDING: 10/21/2015)

Sandra Murphy <sandy@tislabs.com> Thu, 08 October 2015 09:45 UTC

From: Sandra Murphy <sandy@tislabs.com>
In-Reply-To: <BAB8D720-5B2E-4197-857F-6DF24E31DCF1@sn3rd.com>
Date: Thu, 08 Oct 2015 05:45:35 -0400
Message-Id: <554A2136-4D85-4C02-B572-C5C1008DD348@tislabs.com>
References: <yj9osi5mae4p.wl%morrowc@ops-netman.net> <BAB8D720-5B2E-4197-857F-6DF24E31DCF1@sn3rd.com>
To: Sean Turner <sean@sn3rd.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/OOGZg8qvvbw8TTL2vhKlMQZkBxo>
Cc: sidr wg list <sidr@ietf.org>, Sandra Murphy <sandy@tislabs.com>
Subject: Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-overview ENDING: 10/21/2015)

Speaking as regular ol’ member

On Oct 7, 2015, at 5:24 PM, Sean Turner <sean@sn3rd.com> wrote:

> We’ll need to figure out what to do about the I-D.sidr-as-migration reference; it’s in the “IESG Dead” state.
> 
> I guess s3.2 is going to match whatever updates are made to bgpsec-protocol-14.
> 

Looking at that section, I think it matches the planned updates to the bgpsec protocol.

Ironically, I think it matches the planned updates more directly than it matches the current state of the bgpsec protocol, depending on how you read the exact wording.

     .  BGPsec_Path contains 3 signatures :
          o  Signature from AS 1 protecting

             192.0.2/24, AS 1 and AS 2

This will still be true in the updates, no problem.

          o  Signature from AS 2 protecting

             Everything AS 1's signature protected, and AS 3

Right now, the bgpsec protocol’s signature from AS 2 covers the signature from AS 1, not “Everything AS 1’s signature protected”.  Of course, by induction, that protects “Everything AS 1’s signature protected”.  So not wrong, just indirectly true.

The intent, as I understand it, of the updates to the bgpsec protocol is to make the signature from AS 2 cover and directly protect “Everything AS 1’s signature protected”.

IMHO.  You are an author, so…..

—Sandy, speaking as regular ol’ member