IETF Logo Mail Archive

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

"Roque Gagliano (rogaglia)" <rogaglia@cisco.com> Mon, 05 May 2014 16:19 UTC

Return-Path: <rogaglia@cisco.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AF701A03A6 for <sidr@ietfa.amsl.com>; Mon, 5 May 2014 09:19:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.152
X-Spam-Level:
X-Spam-Status: No, score=-15.152 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id axbT7k6nvSkl for <sidr@ietfa.amsl.com>; Mon, 5 May 2014 09:19:02 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) by ietfa.amsl.com (Postfix) with ESMTP id 099301A0382 for <sidr@ietf.org>; Mon, 5 May 2014 09:19:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1303; q=dns/txt; s=iport; t=1399306739; x=1400516339; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=JtrLNTV2FSMbZCHYKnqcaeNMhpr8LxhqXxxd0ENUHSs=; b=ER4gUXMxDzB2hTtqn8Ssvi6x4dkES4+/Tiq/CM9MMlbd+kuDcuAKnmOs ko96YnT5j3IHHfCex1SxSG32FM+hAM8cta/UZvvbJB1bHPZwVvMme1MYq v/YVBdzVCudw/xnET6gtmKz9g53KC4Jky0rF+i0Y20d8IsyjIzUFvHz0X I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AjsHAIy5Z1OtJV2Z/2dsb2JhbABZgwZPWKowAQIFAZJRhzuBGBZ0giUBAQEDAQEBATc0CwULAgEINhAnCyUCBA4FiDkIDctZEwSFVohJMweDKoEVBJk0knSDNIIv
X-IronPort-AV: E=Sophos;i="4.97,989,1389744000"; d="scan'208";a="322289382"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by rcdn-iport-1.cisco.com with ESMTP; 05 May 2014 16:18:58 +0000
Received: from xhc-rcd-x15.cisco.com (xhc-rcd-x15.cisco.com [173.37.183.89]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id s45GIwRf003728 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 5 May 2014 16:18:58 GMT
Received: from xmb-rcd-x02.cisco.com ([169.254.4.118]) by xhc-rcd-x15.cisco.com ([173.37.183.89]) with mapi id 14.03.0123.003; Mon, 5 May 2014 11:18:58 -0500
From: "Roque Gagliano (rogaglia)" <rogaglia@cisco.com>
To: Randy Bush <randy@psg.com>
Thread-Topic: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs
Thread-Index: AQHPaH23g+Y1On9pTU2gzdMektI5tA==
Date: Mon, 05 May 2014 16:18:57 +0000
Message-ID: <F415D68C-DC4B-4DA1-9DC8-FB4CB06558B9@cisco.com>
References: <52D072F6.9030304@ops-netman.net> <52D0A0AC.5040903@ops-netman.net> <CF07E61E.AF86%wesley.george@twcable.com> <m238kcea01.wl%randy@psg.com> <CF0BE8F1.B1BE%wesley.george@twcable.com> <m2a9ehjto3.wl%randy@psg.com> <52E92B20.9060505@bbn.com> <CAL9jLaapjPL0_OU8-L0U5BiLXPPoEhkCZym=7R_qDDLSobKVjA@mail.gmail.com> <m2iosq8f9e.wl%randy@psg.com> <CAL9jLab5=JNbPRMji7xWWCR_+QLRpbguShU7K_Uu56jYxKymZw@mail.gmail.com> <m2vbucdkqi.wl%randy@psg.com> <CAL9jLaYeqtqf9ewN=A7Zxnx6xRGxV=64_TyX3NLgWUt237tCkg@mail.gmail.com> <m2ioqbed03.wl%randy@psg.com>
In-Reply-To: <m2ioqbed03.wl%randy@psg.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.155.144.166]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <14981CEC1BDAA64AA1F3F9515F40D952@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/esR6z2ujZ0vN13p0WCs4PMRlYxk
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 May 2014 16:19:05 -0000

Randy,

> while checking the docco, i found
>>> 
>>>   3.14  While the trust level of a route should be determined by the
>>>         BGPsec protocol, local routing preference and policy MUST then
>>>         be applied to best path and other routing decisions.  Such
>>>         mechanisms SHOULD conform with [I-D.ietf-sidr-ltamgmt].
>>> ...
>>>   3.17  If a BGPsec design makes use of a security infrastructure, that
>>>         infrastructure SHOULD enable each network operator to select
>>>         the entities it will trust when authenticating data in the
>>>         security infrastructure.  See, for example,
>>>         [I-D.ietf-sidr-ltamgmt].

What about adding that "the connection to this security infrastructure MUST be through a secure channel"?

>>> 
>>> those references would seem to be obe.  dunno what to do with the first,
>>> drop it?  the second might ref lta-use-cases.
>> 
>> losing the last sentence in the first seems ok.  and the second moving
>> to use-cases seems ok to me...
> 
> anyone else have input on this one, well, these two?

Proposed changes sounds good.

r.

> 
> randy
> 
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr

v2.23.0 | Report a Bug | By Email