IETF Logo Mail Archive

Re: [sidr] Request for WG Last Call fordraft-ietf-sidr-bogons-02.txt anddraft-ietf-sidr-roa-validation-01.txt

Sandra Murphy <sandy@sparta.com> Tue, 02 December 2008 19:56 UTC

Return-Path: <sidr-bounces@ietf.org>
X-Original-To: sidr-archive@megatron.ietf.org
Delivered-To: ietfarch-sidr-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E5F1A3A68BE; Tue, 2 Dec 2008 11:56:29 -0800 (PST)
X-Original-To: sidr@core3.amsl.com
Delivered-To: sidr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 11DE93A6B51 for <sidr@core3.amsl.com>; Tue, 2 Dec 2008 11:56:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.524
X-Spam-Level:
X-Spam-Status: No, score=-2.524 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cbv5qFQ37Xjl for <sidr@core3.amsl.com>; Tue, 2 Dec 2008 11:56:28 -0800 (PST)
Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by core3.amsl.com (Postfix) with ESMTP id EA73A3A68BE for <sidr@ietf.org>; Tue, 2 Dec 2008 11:56:27 -0800 (PST)
Received: from Beta5.sparta.com (beta5.sparta.com [157.185.63.21]) by M4.sparta.com (8.13.5/8.13.5) with ESMTP id mB2JuKMD000746; Tue, 2 Dec 2008 13:56:20 -0600
Received: from nemo.columbia.ads.sparta.com (nemo.columbia.sparta.com [157.185.80.75]) by Beta5.sparta.com (8.12.11/8.13.1) with ESMTP id mB2JuKx3006543; Tue, 2 Dec 2008 13:56:20 -0600
Received: from SANDYM-LT.columbia.ads.sparta.com ([157.185.81.132]) by nemo.columbia.ads.sparta.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Tue, 2 Dec 2008 14:56:19 -0500
Date: Tue, 02 Dec 2008 14:56:19 -0500
From: Sandra Murphy <sandy@sparta.com>
To: Geoff Huston <gih@apnic.net>
In-Reply-To: <FFDEAEB4-9A07-4F69-B632-2263A548DECF@apnic.net>
Message-ID: <Pine.WNT.4.64.0812021325280.1144@SANDYM-LT.columbia.ads.sparta.com>
References: <C542C40B.5166%andy@arin.net><A3751517-D15C-45DD-B530-027758F36B04@apnic.net><FC10BBCC-6144-4420-ACFC-9454F26444BE@tcb.net><6F70023C-57B1-4C8D-8DDF-B9D7D8F139F9@apnic.net><56AFA6B5-BCFB-4CDC-B921-3590F71CCBA0@tcb.net><0072BC84-507D-497C-B8B6-0F26DE804316@apnic.net><19318B76-0E1E-4DC5-8017-D2350352169C@tcb.net><16C1A7B4-C46F-4354-B1F8-4AF8EB5249B9@apnic.net><C4A37FE7-88F1-4DEC-AB81-CC2EC6A96C79@tcb.net><D1AE3911-CBB9-451A-AE47-CB254E403DED@apnic.net><EC1B7F06-4137-4F97-8EE5-7676DB0E7155@tcb.net><BD48FF05-04D0-4B71-AF1B-F074E0199202@apnic.net><A09B46E4-02B0-4825-888C-CA24CD68EF50@tcb.net><CB9CD7AF-8CD3-4636-8D64-E876B9216B47@apnic.net><264FCEF8-3DD1-49AB-B41F-56FD0A1B2870@tcb.net> <76720B94-5516-48BB-9D83-F3182969A6DE@apnic.net> <04CAD96D4C5A3D48B1919248A8FE0D540835895A@xmb-sjc-215.amer.cisco.com> <3C4C05F3-8554-4F68-9508-F6B1E3E20660@apnic.net> <04CAD96D4C5A3D48B1919248A8FE0D5408358A48@xmb-sjc-215.amer.cisco.com> <FFDEAEB4-9A07-4F69-B632-2263A548DECF@apnic.net>
X-X-Sender: sandy@nemo.columbia.sparta.com
MIME-Version: 1.0
X-OriginalArrivalTime: 02 Dec 2008 19:56:19.0614 (UTC) FILETIME=[0B3EA3E0:01C954B8]
Cc: sidr@ietf.org
Subject: Re: [sidr] Request for WG Last Call fordraft-ietf-sidr-bogons-02.txt anddraft-ietf-sidr-roa-validation-01.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: sidr-bounces@ietf.org
Errors-To: sidr-bounces@ietf.org


On Tue, 2 Dec 2008, Geoff Huston wrote:

> WG Chair Hat off
>
> On 02/12/2008, at 3:22 PM, Pradosh Mohapatra (pmohapat) wrote:
>
>> | > What if: when "I have been allocated 203.10.61.0/24", I
>> | issue an ROA
>> | > for the same with my origin AS? Doesn't that automatically
>> | mean that
>> | > all the advertisements of the prefix from another origin AS are
>> | > automatically invalid?
>> |
>> |
>> | No. Some folk believe that this should be the case, others
>> | believe that this should not be the case. Those who believe
>> | that this should not be the case are  proposing the BOA as a
>> | form of explicitly stating what is invalid without having to
>> | state what is valid.
>> 
>> Why should this not be the case?
>> 
>
> Because the transitive closure of ROAs in an environment of piecemeal 
> deployment is non-deterministic.

I can't grasp this statement.  What do you mean by transitive closure of 
ROAs?  ROAs aren't a relation that could be performed transitively.  And I 
don't see the non-determinism.

Are you saying that the complete set of ROAs does not give you the 
complete set of valid advertisements?  If so, then you are using the 
"these ASs and maybe others" semantics.  Right?

>
>
>
>> | By the way, given that you have published a ROA aithorizing
>> | your origin AS to advertise the prefix, I suspect that this
>> | has created some further vulnerabilities that a BOA would not
>> | create. What happens if I use this ROA you've created to
>> | hijack with your prefix by prepending your origin AS to my
>> | AS? Can a third party detect that this is a hijack of your
>> | prefix from the origination information and the ROA? I do not
>> | think so.
>> 
>> This is a good example case for path attestation / complete AS_PATH
>> validation, no? When a third party tries to verify whether the
>> path leads back to origin AS, that should fail (whenever we get to
>> that part)...
>
> right - the "lets use magic" solution. I'm convinced.

I don't understand this statement.  But I've already noted that we're not 
working on protecting the AS_PATH beyond the origination point.  I think 
that when Pradosh said "whenever we get to that part" he was referring to 
potential future work to protect the AS_PATH beyond the origination.

>
>
>> 
>> 
>> | > As others have suggested, when "I have been allocated
>> | 203.10.60.0/22",
>> | > I issue an ROA for 203.10.60.0/22-22. That automatically means that
>> | > there can't be any other advertisements for this prefix or its more
>> | > specifics (unless I suballocate a more specific block and a new ROA
>> | > gets added to the repository for that]. Is there any case
>> | that's not
>> | > handled by doing this?
>> | >
>> |
>> | That's your _assumption_ of the sematics of a ROA. What
>> | reference material or working group draft can you cite for
>> | semantic interpretation of a ROA?
>> | draft-ieft-sidr-roa-validation? I don't think so. The point
>> | of hte BOA draft it that it challenges this assumption by
>> | taking the position that such route aorigination authorities
>> | are explicitly scoped to the authority described in the
>> | object, without the implicit inclusion of any other authority
>> | or denial.
>> 
>> So are you saying that an entity who is not owner of prefix 10/8
>> can issue an ROA for it and it would be present in/added to the
>> RPKI repository?
>> 
>
> The best answer I can give here is please read the sidr drafts. Your question 
> really makes me suspect that you have not done so.

I think Pradosh was asking his question about your statement, not the 
drafts.

The 10/8 and other non-globally-routed prefixes are, according to my 
reading of the drafts, intended to be protected within one AS by a local 
RPKI structure rooted on a local trust anchor.

--Sandy


>
>
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr

v2.23.0 | Report a Bug | By Email