Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End Jul 02 2015
Geoff Huston <gih@apnic.net> Tue, 30 June 2015 02:38 UTC
Return-Path: <gih@apnic.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 525C41B2F6F for <sidr@ietfa.amsl.com>; Mon, 29 Jun 2015 19:38:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.801
X-Spam-Level:
X-Spam-Status: No, score=-101.801 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 11Z2CHCUoBQc for <sidr@ietfa.amsl.com>; Mon, 29 Jun 2015 19:38:40 -0700 (PDT)
Received: from ao-mailgw.apnic.net (ao-mailgw.apnic.net [IPv6:2001:dd8:8:701::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E622B1B2F6A for <sidr@ietf.org>; Mon, 29 Jun 2015 19:38:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apnic.net; s=c3po; h=received:received:content-type:mime-version:subject:from:in-reply-to:date:cc: content-transfer-encoding:message-id:references:to:x-mailer:return-path: x-originating-ip; bh=qGzt7zC6TgYX+roNp/wXGZ1DAMMmhlkptzBN/nrF6Vo=; b=oMVDRiydkUawyxlWyM5d6I7Y5a5IZ45rY1YpVdqnw6/WNwJFw/Ff+UcJq4Ru9l+ISW2cd5I9gH74/ 55eFr7QbsGFMG//AzrxhQ6Bb/pZDNCNY0NfTSwdE5p+D9ysgvKnjQofulvM00bySDij+BlRVvMjLc9 K0quh0odGLa0k8yM=
Received: from NXMDA2.org.apnic.net (unknown [IPv6:2001:dd8:9:2::101:249]) by ao-mailgw.apnic.net (Halon Mail Gateway) with ESMTPS; Tue, 30 Jun 2015 12:39:03 +1000 (AEST)
Received: from [192.168.1.132] (203.119.101.249) by NXMDA2.org.apnic.net (203.119.107.21) with Microsoft SMTP Server (TLS) id 14.1.218.12; Tue, 30 Jun 2015 12:39:57 +1000
Content-Type: text/plain; charset="windows-1252"
MIME-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
From: Geoff Huston <gih@apnic.net>
In-Reply-To: <55916A04.6020706@innovationslab.net>
Date: Tue, 30 Jun 2015 12:38:28 +1000
Content-Transfer-Encoding: quoted-printable
Message-ID: <50633CF9-F5E7-4E22-ACAE-29DCE24E1FB3@apnic.net>
References: <55828BEC.9010605@ops-netman.net> <BDDD7570-1F1C-4A25-8755-6E2A2E361659@gmail.com> <558AC489.1030900@innovationslab.net> <E3CE8773-943C-4033-BF64-C3A43344F027@apnic.net> <55916A04.6020706@innovationslab.net>
To: Brian Haberman <brian@innovationslab.net>
X-Mailer: Apple Mail (2.2098)
X-Originating-IP: [203.119.101.249]
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/eYdofcxTgZGm2fFjylII7PgzoB8>
Cc: sidr@ietf.org
Subject: Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End Jul 02 2015
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2015 02:38:42 -0000
thanks Brian, Just a couple of minor pickups left : … >> so I think we are talking past each other. Lewt me try to explain myself with a simply question >> >> How should I represent the following ranges of number resources in a canonical format according to this draft? > > Given the change proposed above... > >> >> a) the IPv4 address range 10.0.0.0 through to 10.0.2.255 ? > > 10.0.0.0/22 (<address-prefix> per RFC 2622). > that address range encompasses 3 x /24s 10.0.0.0/24, 10.0.1.0/24 and 10.0.2.0/24 so that list is one alternative a second alternative is the list 10.0.0.0/23, 10.0.2.0/24 a third alternative is the address range 10.0.0.0- 10.0.0.2.255, but thats not CIDR So this intent is to define a single cononical representation that allows rapid comparison, right? so you either use CIDR and allow for a list, or you revert to a range presentation and refer to start and finish addresses. But either way you need to clarify how to reer to ranges that are not conveniently aligned into a single CIDR boundary >> >> b) the ASN range 131072 through to 131075 > > Several ways, but an as-block works well (as-block: AS131072 - AS131075, > per RFC 2725 and applying the ASPLAIN representation). It could also be > represented using as-list or as-set. However, that would require > additional requirements that those attributes be signed as well. right - how to represent a range of AS’s is the underlying question here. > >> >> c) the IPv6 range 2001:0:0:0:0:2:0:0:0 through to 2001:0:0:0:0:5:ffff:ffff:ffff >> > > First, I am going to assume that the last 16 bits are extraneous (unless > IPv6 addresses are now 144 bits long). > > 2001::/93. > the problem here is that the start of this block is not 2001:0:0:0:0:0:0:0, but 2001:0:0:0:0:2:0:0 so once more this is a range of addresses not a single CIDR prefix. What is the proposed canonical representation of this range of addresses? > Other examples that include hex digits need to apply the normalization > described in RFC 5952. > > So, I think that one item that needs clarifying is the intent to re-use > RPSL attributes as much as possible and apply normalization where there > could be ambiguities. That can be done in the intro. I will add some > additional text to section 3 to clarify that the originator of the data > needs to pick the appropriate attributes to represent the data and > normalize the values as needed. > yep - RFC3779 did that already, and you may want to use that canonical representation without the ASN.1 goop and use ascii instead, or you may have another preferred canonical format, BUT it is essential that the spec clearly and unambigously delas with address ranges. (You may also want to consider discontiguous address ranges - I dunno if they exist in the route registries, but if they do then its in scope here) Geoff
- [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End Jul 0… Chris Morrow
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Geoff Huston
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Geoff Huston
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Geoff Huston
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Brian Haberman
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Geoff Huston
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Brian Haberman
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Geoff Huston
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Stephen Kent
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Christopher Morrow
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Stephen Kent
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Christopher Morrow
- Re: [sidr] WGLC: draft-ietf-sidr-rpsl-sig - End J… Sandra Murphy