Re: [sidr] WGLC for draft-ietf-sidr-rpki-rtr-rfc6810-bis-03

David Mandelberg <david@mandelberg.org> Wed, 01 April 2015 14:11 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/bjILV2Fdu34xyfgDETkPzxTfmh0>

On 04/01/2015 01:38 AM, Randy Bush wrote:
> why are you trying to rescue the case where a router (or cache) upgrades
> versions in the middle of a session?
>   o upgrade should be very rare
>   o reload is relatively cheap
>   o and you are generating kinky corner cases to patch it
> 
> session reset.

I wasn't trying to rescue it, I was trying to ensure a session reset.

> the bloody router (or cache) will have reloaded anyway
> and does not have the old state.

Either end can upgrade to support version 1 before the other is ready;
version 1 is only negotiated after both ends support it. I know that our
cache implementation does not lose state unless the database is manually
cleared, but I can't speak for other cache or router implementations. I
agree that the simplest way to fix this issue is to require a reset
query when a new version is negotiated, but I don't think that can be
done by relying on state being lost.

For reference, here's the text that I originally proposed:

   The cache MUST maintain a separate session for each protocol version
   it supports, and a router MUST NOT attempt to reuse session information
   across multiple protocol versions.

If one of those requirements is too burdensome, either of them would be
sufficient by itself to ensure that a reset query happens when the
negotiated protocol version changes.

-- 
David Eric Mandelberg / dseomn
http://david.mandelberg.org/
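
The two requirements in the proposed text, sketched as an added example (not part of the original message and not taken from any cache or router implementation). The PDU layouts follow the Serial Query and Reset Query formats of RFC 6810; the class and function names, the response labels and the session ID values are assumptions made up for illustration.

```python
import struct
from dataclasses import dataclass
from typing import Dict, Optional

SERIAL_QUERY, RESET_QUERY = 1, 2  # PDU type codes from RFC 6810


@dataclass
class SessionState:
    """What a router kept from its last sync (hypothetical layout)."""
    version: int
    session_id: int
    serial: int


def reset_query(version: int) -> bytes:
    # version, type, 16 zero bits, length = 8
    return struct.pack("!BBHI", version, RESET_QUERY, 0, 8)


def serial_query(version: int, session_id: int, serial: int) -> bytes:
    # version, type, session ID, length = 12, serial number
    return struct.pack("!BBHII", version, SERIAL_QUERY, session_id, 12, serial)


def next_query(state: Optional[SessionState], negotiated: int) -> bytes:
    """Router rule: state saved under another version is never reused."""
    if state is None or state.version != negotiated:
        return reset_query(negotiated)
    return serial_query(negotiated, state.session_id, state.serial)


class Cache:
    """Cache rule: one independent session ID per supported version."""

    def __init__(self, session_ids: Dict[int, int]):
        self.session_ids = session_ids

    def answer(self, pdu: bytes) -> str:
        version, pdu_type, session_id, _ = struct.unpack("!BBHI", pdu[:8])
        if pdu_type == RESET_QUERY:
            return "full-load"
        if self.session_ids.get(version) != session_id:
            return "reset-required"  # router has to start over with a Reset Query
        return "incremental"


# Constructed scenario: state saved under version 0, version 1 now negotiated.
saved = SessionState(version=0, session_id=0x1234, serial=42)
cache = Cache({0: 0x1234, 1: 0x9ABC})
```

Calling `cache.answer(serial_query(1, 0x1234, 42))` models a router that ignores its own rule and replays version 0 state under version 1; the per-version session ID on the cache still forces the reset, which is why either requirement is sufficient by itself.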