Re: [sidr] AD Review of draft-ietf-sidr-slurm-04

Alvaro Retana <> Wed, 31 January 2018 15:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A24F512EC01; Wed, 31 Jan 2018 07:40:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id iu0NKvc5IJp9; Wed, 31 Jan 2018 07:40:03 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4003:c0f::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5CC5B12EB34; Wed, 31 Jan 2018 07:39:36 -0800 (PST)
Received: by with SMTP id l5so7650714otj.11; Wed, 31 Jan 2018 07:39:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=kv8u9GojQ6CyzRX3TlqefM6LoPY1opt64IVF4s2mNks=; b=IEZ+9GnozbEBiMHqJj8YPvgyfV2mKUyegM9DRZDP9mo3hQ58BpAX5aJp8LIXsR6Rxs /7IDiLIzFkqenEWyDwDXnqnIlRIon9jVtovdM5GC1IDHj6tYDSmksBI/pF+vpBaJGkO7 zeDhEuz+p3HG0Mp6s9NRuBXB8b51BTl17IxnVBD7Hb5NpIWz61boRNm+vfnvj29ux5f/ ef5otOPEQRPdaFFoeXlo4uzG1VMprUW3qX71LjHD3AwKhkNDYN+U06t1uL3u/2sSyxAF hbk/JRLHFlbB5OC5XViGsM7P39fM9cLNYesKtwve59kThqmQblCq27L1iL0yQah6BdtK GJjw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=kv8u9GojQ6CyzRX3TlqefM6LoPY1opt64IVF4s2mNks=; b=k3A9Mwtly4zHqMG8ShNU+cJbyNS4+BEz63WAOmK3MBK5H6qU9KzTxWBbO9vAfrAIHj ZvmpkMeTVljkpjj0LBaGnvassfSDMw1+ApTumlUVRx8LjdctYzIxsw2l2E4jj0mnl4UF jc+Dsa2y2BX6lk80uBWZmjd8D9B4qxDderHATikmVX8rCv9A5TZd78x68CVKLXO5pB4P wEXOOY7qjDB2PWO9V/wB3zpcyCYAmwO1+4C9ahgBa4ZqjXqx8sLcYNb3djHSpP7T+Qty rHR558y7/bxECN/uL1ipFwR+Q2iFWszuqtvqX5Rh6sH4LGLzz+m/a4TZC1HgknGNNiPW V/sg==
X-Gm-Message-State: AKwxytcFQbGmplA0BALNHZHER45iLwBU4kfVWTbJDez9Wm+cD44H5oBh wBr+NfonBwzEz8JD2ztyRTwYAj61whiQFUtoCN0=
X-Google-Smtp-Source: AH8x224vRoozP3zOayfnwqJDApR6s6++Ehb+O+qA5li/IGxvkQ+LYbdJwS6KUdk1VVNYcwz1u7wxT0cOgkRZXMVMoIA=
X-Received: by with SMTP id y62mr26001915ota.307.1517413175786; Wed, 31 Jan 2018 07:39:35 -0800 (PST)
Received: from 1058052472880 named unknown by with HTTPREST; Wed, 31 Jan 2018 07:39:35 -0800
From: Alvaro Retana <>
In-Reply-To: <>
References: <> <>
X-Mailer: Airmail (467)
MIME-Version: 1.0
Date: Wed, 31 Jan 2018 07:39:35 -0800
Message-ID: <>
To: Di Ma <>
Cc:, Chris Morrow <>,,
Content-Type: multipart/alternative; boundary="94eb2c04f8d65202d7056414499f"
Archived-At: <>
Subject: Re: [sidr] AD Review of draft-ietf-sidr-slurm-04
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Secure Interdomain Routing <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 31 Jan 2018 15:40:06 -0000



Thanks for your prompt reply.  I look forward to an updated draft.


On January 31, 2018 at 10:18:57 AM, Di Ma ( wrote:

Hi, Alvaro,

Thanks for your comments.

Please see my responses in lines.

> 在 2018年1月30日,02:21,Alvaro Retana <>; 写道:
> Dear authors:
> I just finished reading this document.
> I have some comments (below) that should be easy to address — please take
a look. I need you to address the References before I start the IETF Last
Call because of the DownRef to rfc6483.
> Thanks!
> Alvaro.
> Major:
> M1. Section 3.1: I'm not sure what the Normative result is form this
piece of text: "JSON members that are not defined here MUST not be used in
SLURM Files, however Relying Parties SHOULD ignore such unrecognized JSON
members at the top level, while any deviations from the specification at
lower levels MUST be considered an error." (s/MUST not/MUST NOT) If the not
defined members MUST NOT be used, when would the RPs not ignore (or even
better, treat as errors) them? IOW, why use SHOULD instead of MUST?

We authors think MUST is better than SHOULD.

And we would like to update section 3.1 saying:

"This document describes responses in the JSON [RFC7159] format. JSON
members that are not defined here MUST not be used in SLURM Files and
additional top-level members MUST be defined in RFCs that update this
document. Relying parties MUST ignore unrecognized JSON members at the top
level, while any deviations from the specification at lower levels MUST be
considered an error.”

Here is the consideration:
The current document describes local exceptions with regards to ROAs and
Router Certificates, which are significant to local control of routing. The
thought here was that we would leave an option for future other ’top-level’
elements to describe local exceptions with regards to other (future) RPKI
objects as long as they have fundamental effect in routing control , while
maintaining backward compatibility. But this is not explicit in the
document as written. The risk here, as written, is that implementations can
just add stuff at will for their own purpose and we can end up with the
same member name being re-used.

> M2. Section 4.2: "Before an RP configures SLURM files from different
source it MUST make sure there is no internal conflict among the INR
assertions in these SLURM files. To do so, the RP SHOULD check the entries
of SLURM file..." I think there's a Normative mismatch: "MUST make" vs "SHOULD check the entries"; the SHOULD leaves the
door open to not always checking -- are there cases when the entries
wouldn't be checked *and* the MUST can still be guaranteed? It seems to me
like both keywords should be MUST.


You are making sense here.

> M3. Section 6: "...but if the RP updates its SLURM file over the network,
it MUST verify the authenticity and integrity of the updated SLURM file."
Please indicate that the mechanism to update files, and the
authentication/integrity verification are outside the scope of this


We are going to add:

"Yet the mechanism to update SLURM file to guarantee authentication and
integrity is out of the scope of this document. "

Besides, we need to change ‘source’ to ‘sources’ :-)

> M4. References:
> M4.1. s/I-D.ietf-sidr-bgpsec-overview/rfc8205 ...and should be Normative.
> M4.2. I believe the following references should also be Normative:
ietf-sidr-rpki-rtr-rfc6810-bis/rfc8210, rfc6483, rfc6810, rfc6811 and
> M4.3. [minor] Please update the references according to the Nits [1].
> [1]


> Minor:
> P1. "Relying party software MAY modify other forms of output in
comparable ways, but that is outside the scope of this document." If it’s
out of scope, then there shouldn't be any Normative language. s/MAY/may


> P2. “Locally Added Assertions" are sometimes called "Locally Adding

We authors are going to change 4.1 and 4.2 to say “Locally Added
Assertions” because we refer to the elements.

The lower case “locally adding assertions” in 3.2 is fine, because it
describes an action.

> Nits:
> N1. s/control make use of RPKI data/control use of RPKI data