Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

Danny McPherson <danny@tcb.net> Thu, 10 November 2011 03:25 UTC

On Nov 8, 2011, at 12:19 PM, Sriram, Kotikalapudi wrote:

> Now the ops doc has much longer beaconing interval recommendations
> for what you may consider a normal prefix.
> 
> http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-ops-01#section-7
> 
> 	Normal Prefix:  Most prefixes SHOULD announce with a signature
> 	validity of a week and beacon every three days.

Seriously?  After all this effort, an exposure window of 72 hours or more now
- I can do far better than this manually in meatspace.

Where are these numbers coming from?

It's interesting the onus is on the sender to set the periodic update rates, 
yet the load is on every other participant in the system.  We've seen how
well this works in practice.

-danny