Re: [sidr] Ben Campbell's No Objection on draft-ietf-sidr-bgpsec-ops-12: (with COMMENT)
"Ben Campbell" <ben@nostrum.com> Wed, 04 January 2017 16:58 UTC
From: Ben Campbell <ben@nostrum.com>
To: Randy Bush <randy@psg.com>
Date: Wed, 04 Jan 2017 10:58:54 -0600
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/UdbqbGqEc9Tw95ROq5Cop6O7g80>
Cc: The IESG <iesg@ietf.org>, sidr wg list <sidr@ietf.org>

Thanks for the quick response.

On 3 Jan 2017, at 20:00, Randy Bush wrote:

> thanks for the review.
>
>> Update: I noted when reviewing other sidr drafts on this telechat
>> agenda that this draft treats 2119 keywords differently than the other
>> drafts. That is, this draft explicitly excludes lower case versions
>> of the 2119 keywords
>
> which is, i believe, the current wisdom; see long discussion on ietf
> list.
>
>> while the other related drafts do not.
>
> have fun with that.

I plan to mention that when I write up my reviews of the other two :-)

I agree with the lower case exclusion. I merely thought the working group might want to be consistent on the cluster of drafts. (Assuming they are really a cluster--I could see an argument that the protocol and overview drafts are for a separate audience than the bgp.)

[...]

>
>> -4, first paragraph: I found "either" followed by "and/or" a bit
>> confusing. I suggest simply dropping the word "either".
>
>    As described in [I-D.ietf-sidr-rtr-keying] BGPsec-speaking routers
>    are either capable of generating their own public/private key-pairs
>    and having their certificates signed and published in the RPKI by the
>    RPKI CA system, and/or are given public/private key-pairs by the
>    operator.
>
> but the router(s) might not be capable of generating key-pairs. they
> might, they might not, the op may generate or not, or both. an absurd
> corner case might be that a router with two ASs has the as0 key stuffed
> by the as0 noc, and the as1 key is generated on device because that is
> the as1 policy.
>

I merely meant that "either" seemed odd for non-exclusive options. I take your argument to mean that the options really are non-exclusive.

>> -4, last paragraph: "a prudent operator will..." sounds like it might be
>> worthy of a SHOULD.
>
> given the previous, how about lower case should

That would not seem to change anything :-) My point was that the language seemed stated in a way that _might_ justify a 2119 keyword. If you don't think so, then I'm fine with the current wording.

>
>> -6, first paragraph: "SHOULD/MUST only" constructions tend to be
>> ambiguous. In this case, are we saying SHOULD only originated signed
>> announcements, as opposed to unsigned announcements? Or as opposed to
>> validating received assignments? If the latter, then the "need not
>> validate" seems to weaken the SHOULD.
>
>    An edge site which does not provide transit and trusts its
>    upstream(s) may only originate a signed prefix announcement and not
>    validate received announcements.

That's much more clear, thanks.

[...]

>
>> -7, paragraph 6: This seems to say that signed paths MUST be signed. Does
>> the "MUST be signed if sent to external BGP speakers" mean that the
>> existing signature must not be stripped (as stated more weakly in the
>> previous sentence), or does it mean the sender must re-sign the path?
>
>    Because of possible RPKI version skew, an AS Path which does not
>    validate at router R0 might validate at R1. Therefore, signed paths
>    that are Not Valid and yet propagated (because they are chosen as
>    best path) should have their signatures left intact and MUST be
>    signed if sent to external BGPsec speakers.
>
> i am not seeing where bgpsec stripping was suggested; in fact, the
> opposite. if router r0 receives a signed path and intends to pass that
> signed path to the next listener, r0 must sign the path. i am at a loss
> to understand your question. clue bat please.

Sorry, I did not mean that stripping was suggested; the previous phrase (non-normatively) recommends against stripping. My question is, since the subject of the sentence is "signed paths" whether the "MUST be signed" language means "MUST NOT strip the signature" (which I suspect to be the case), or something else.

>
>> -7, paragraph 7: "a signed path learned via iBGP MAY be Not Valid."
>> seems like a statement of fact.
>
> are you suggesting to downcase it? i will assume so.

Yes, sorry.

>
>> -12.2: [I-D.ietf.sider.bgpsec.overview] is mentioned in section 2 as
>> needed to understand this document. That suggests it should be a
>> normative reference.
>
> ennie meenie. i think some other reviewer had me push refs around. i
> don't have a dog in this fight. my personal opinion would be that
> overview is informative and the protocol spec itself is normative.

As I mentioned in response to Alvaro's comment: Maybe section 2 should cite the protocol rather than the overview? (Perhaps with a separate mention that the overview is available.)

Ben.