Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-ops-10
"Alvaro Retana (aretana)" <aretana@cisco.com> Fri, 09 December 2016 22:01 UTC
Return-Path: <aretana@cisco.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DD61129531 for <sidr@ietfa.amsl.com>; Fri, 9 Dec 2016 14:01:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.417
X-Spam-Level:
X-Spam-Status: No, score=-17.417 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.896, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bzAGu-qHuA-q for <sidr@ietfa.amsl.com>; Fri, 9 Dec 2016 14:01:46 -0800 (PST)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8057212950C for <sidr@ietf.org>; Fri, 9 Dec 2016 14:01:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5976; q=dns/txt; s=iport; t=1481320906; x=1482530506; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=mj7Xa4bAdBleeG79GmyF32vUmGmgKjU3PPe+CtO5GRQ=; b=SDTm2ENEDR5lhtbtrEZ6wrCwFXEiTPMtPckrTTMI06U9SJwpCm2nnEU1 jHfhr0REl/qhypb8XoKIAWPXgMzDfTwpuRxLl/VFlGats5pg4Sisr3hJv s9j79H/pt3eJYr4h5klO7b9h09TGG/afNN83cmuuTLRgLaNO6105obmI+ 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BsAQCCKUtY/4oNJK1dGgEBAQECAQEBAQgBAQEBgnNEAQEBAQEfWoEGB41CpnOFIoIKhiECGoFMPxQBAgEBAQEBAQFiKIRpBiNWEAIBCD8DAgICMBQRAgQOBYhrqwmCKS+KcAEBAQEBAQEBAQEBAQEBAQEBAQEBAR2GPoF9gl6HTC2CMAWaawGRIJBFkhgBHzeBITIBAYUlcodKgQ0BAQE
X-IronPort-AV: E=Sophos;i="5.33,325,1477958400"; d="scan'208,217";a="183770390"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by rcdn-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 09 Dec 2016 22:01:39 +0000
Received: from XCH-ALN-005.cisco.com (xch-aln-005.cisco.com [173.36.7.15]) by alln-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id uB9M1d0k003357 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 9 Dec 2016 22:01:39 GMT
Received: from xch-aln-002.cisco.com (173.36.7.12) by XCH-ALN-005.cisco.com (173.36.7.15) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Fri, 9 Dec 2016 16:01:38 -0600
Received: from xch-aln-002.cisco.com ([173.36.7.12]) by XCH-ALN-002.cisco.com ([173.36.7.12]) with mapi id 15.00.1210.000; Fri, 9 Dec 2016 16:01:38 -0600
From: "Alvaro Retana (aretana)" <aretana@cisco.com>
To: Randy Bush <randy@psg.com>
Thread-Topic: AD Review of draft-ietf-sidr-bgpsec-ops-10
Thread-Index: AQHSNR62bJsPySrh80ivtkDVsKGkYKD8P1SAgAFW4YCAAw9tgIAAIxiA///fuIA=
Date: Fri, 09 Dec 2016 22:01:38 +0000
Message-ID: <801A1E8B-2E71-4EA8-B6DB-5E7B5CAD9861@cisco.com>
References: <1FBAD3F8-5387-47A3-9988-A49A3133490A@cisco.com> <m2d1ha2ul2.wl-randy@psg.com> <C7A005B5-7550-4B74-8C80-C32C60093CD9@cisco.com> <m21sxkwozs.wl-randy@psg.com> <m2y3zra1ns.wl-randy@psg.com> <626EE1F7-878E-453A-A33B-DAAC21907261@cisco.com> <m2mvg44vgo.wl-randy@psg.com>
In-Reply-To: <m2mvg44vgo.wl-randy@psg.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.1a.0.160910
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.86.249.235]
Content-Type: multipart/alternative; boundary="_000_801A1E8B2E714EA8B6DB5E7B5CAD9861ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/jdStgSZDJsNFoX1B2InCZXvAUzE>
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-ops-10
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Dec 2016 22:01:48 -0000
Yes, I agree. I just sent a message to the authors of the protocol spec (cc’d the WG) along the same lines. On 12/9/16, 7:57 PM, "Randy Bush" <randy@psg.com<mailto:randy@psg.com>> wrote: first the protocol spec needs to make clear if the real AS can proxy sign for a connected private AS. then i can hack the ops doc. seems to me that, as the real AS is required to strip the private AS from the path, the real AS should be able to proxy sign. but then who has the cert to create the roa, etc.?
- [sidr] AD Review of draft-ietf-sidr-bgpsec-ops-10 Alvaro Retana (aretana)
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Chris Morrow
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Alvaro Retana (aretana)
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Alvaro Retana (aretana)
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Alvaro Retana (aretana)
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Alvaro Retana (aretana)
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Alvaro Retana (aretana)
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… joel jaeggli
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush
- Re: [sidr] AD Review of draft-ietf-sidr-bgpsec-op… Randy Bush