IETF Logo Mail Archive

Re: [sidr] revision to draft-ietf-sidr-roa-validation

Terry Manderson <terry@terrym.net> Tue, 26 May 2009 23:39 UTC

Return-Path: <terry.mndrsn@gmail.com>
X-Original-To: sidr@core3.amsl.com
Delivered-To: sidr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3B3783A69EB for <sidr@core3.amsl.com>; Tue, 26 May 2009 16:39:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7t-xM0GZlqv5 for <sidr@core3.amsl.com>; Tue, 26 May 2009 16:39:36 -0700 (PDT)
Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.158]) by core3.amsl.com (Postfix) with ESMTP id E93E23A6822 for <sidr@ietf.org>; Tue, 26 May 2009 16:39:35 -0700 (PDT)
Received: by fg-out-1718.google.com with SMTP id 13so1214322fge.18 for <sidr@ietf.org>; Tue, 26 May 2009 16:40:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:cc:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-mailer; bh=AUbnO4GhP8Un5QIfWSkQ5VsiCxenK0lZ+iTv8Vv518w=; b=eRv3sanEvJNefsAdWEyzfIip0ZKfTmjAPAnPeZXp7BqwTmW+AKkAEktwcu4c0O2Xum lA6QGbK3LiYOA3EYtWnIR6Fwk7xvQSz2VxiezBiobzzxA61pHuNazOpBlPj5S4n8oURS 3SW8F2E+XSMBRNdgho37bNiplpPNU77w/sUcU=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:cc:message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-mailer; b=jZtb8/SAab7TWYahLzWpLF1l/timpc/cY1fhxOroHIR6lOvG1E2s6bkoEBh5PuuDYf q0hlJnafy5IS2Q086NjYyMY1Uz31UctrM/Uuj4w26WMdKequ7EZasO7wpYPSwfuwEzGL RLLvyOePL3N2usixzq/PJpUaeUhCaFiUkZ4KI=
Received: by 10.86.4.7 with SMTP id 7mr7562683fgd.46.1243381259110; Tue, 26 May 2009 16:40:59 -0700 (PDT)
Received: from ?192.168.1.101? ([114.77.128.245]) by mx.google.com with ESMTPS id d6sm14322989fga.17.2009.05.26.16.40.55 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 26 May 2009 16:40:57 -0700 (PDT)
Sender: Terry Manderson <terry.mndrsn@gmail.com>
Message-Id: <BDB8E8C2-0141-40F0-9471-1343D6ACB10E@terrym.net>
From: Terry Manderson <terry@terrym.net>
To: Geoff Huston <gih@apnic.net>
In-Reply-To: <561CF52A-FFDE-409A-81B4-0A68F5C73718@apnic.net>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v930.3)
Date: Wed, 27 May 2009 09:40:49 +1000
References: <561CF52A-FFDE-409A-81B4-0A68F5C73718@apnic.net>
X-Mailer: Apple Mail (2.930.3)
Cc: sidr@ietf.org, Sandy Murphy <sandy@tislabs.com>
Subject: Re: [sidr] revision to draft-ietf-sidr-roa-validation
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 May 2009 23:39:37 -0000

On 27/05/2009, at 6:39 AM, Geoff Huston wrote:

> Hi Sandy,
>
> WG co-chair hat OFF.
>
> Following the WG discussion on the topic of ROA validation at IETF  
> 74 the draft's authors gained the
> impression that the rough consensus position from the last SIDR WG  
> meeting was to drop to drop the concept of BOAs and use only ROAs.

Please be clear that impression is only that of the authors of the ROA  
validation draft and any others that may be against the idea of saying  
"no, this resource may not be routed".

I don't recall a 'raise hands' or 'hum' call for dropping the BOA idea  
at the WG.

Perhaps that question can be asked at Stockholm, however I think the  
observation raised in IETF 74, that without well defined use cases  
which would lead to what objects (and functions) are appropriate, it  
is amazingly premature to drop the BOA concept midway. Fine to suggest  
it - but understand the reasons why.

My personal observation of IETF 74 was a glaring misunderstanding of  
the concept of negative attestation versus contradictory attestation.  
A negative attestation like that provided by a BOA is a perfectly  
valid and well used security construct. In fact, every security  
product in existence uses it. Should RPKI not have such an ability  
leaves it bereft of the expected controls that a resource holder may  
need.

An additional (personal) observation is that the BOA in its original  
form was far reaching and usurped the make before break concept. This  
is rectified in the latest revision draft-ietf-sidr-bogons-03.txt to  
allow only the valid resource holder to make such statements.

> The authors have prepared a revision to the WG document that  
> reflects that understanding. However, the authors would like to  
> confirm that impression with yourself as the relevant co-chair and  
> with the WG, via this note, before submitting this document as draft- 
> ietf-sidr-roa-validation-02.txt. You, and WG members of course, can  
> review the proposed revisions to the WG document that reflect what  
> the authors believe is the WG's rough consensus position on this  
> topic at draft-huston-sidr-roa-validation-01.txt

However - that said, I think untangling the BOA from ROA validation is  
the right thing to do, just not for the reasons you state. ROAs are  
the higher order object, any other RPKI object in a make before break  
paradigm must be in deference to the ROA.

Terry

v2.23.0 | Report a Bug | By Email