Re: [sidr] I-D Action: draft-ietf-sidr-rpki-rtr-23.txt

Randy Bush <randy@psg.com> Thu, 12 January 2012 19:11 UTC

Return-Path: <randy@psg.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3464321F8577 for <sidr@ietfa.amsl.com>; Thu, 12 Jan 2012 11:11:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.514
X-Spam-Level:
X-Spam-Status: No, score=-2.514 tagged_above=-999 required=5 tests=[AWL=0.085, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kkfPp9rLVEaZ for <sidr@ietfa.amsl.com>; Thu, 12 Jan 2012 11:11:45 -0800 (PST)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:1::36]) by ietfa.amsl.com (Postfix) with ESMTP id 8AB1321F85C6 for <sidr@ietf.org>; Thu, 12 Jan 2012 11:11:45 -0800 (PST)
Received: from localhost ([127.0.0.1] helo=rair.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <randy@psg.com>) id 1RlQ3s-0009le-MA; Thu, 12 Jan 2012 19:11:44 +0000
Date: Thu, 12 Jan 2012 11:11:44 -0800
Message-ID: <m28vlcka6n.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Danny McPherson <danny@tcb.net>
In-Reply-To: <5A64D71D-F778-450A-9BAC-BCC78C93A021@tcb.net>
References: <20120109151153.7946.29762.idtracker@ietfa.amsl.com> <m24nw4syc0.wl%randy@psg.com> <6855CE88-68E6-49BE-94D0-EA19ACE07F69@tcb.net> <p06240803cb32917ccb3c@[172.20.8.192]> <m21ur7nf7k.wl%randy@psg.com> <5A64D71D-F778-450A-9BAC-BCC78C93A021@tcb.net>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset="US-ASCII"
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-rpki-rtr-23.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jan 2012 19:11:46 -0000

> Do you foresee rpki-rtr being "augmented" for router on- boarding of
> additional RPKI-derived data to enable things like those provided in
> the BGPSEC protocol document, e.g., S.5 of bgpsec-protocol I-D:

i think so, but i am a bit worried as about this waterboarding stuff.

> If this is the intention, then have you selected the publication 
> dates for the documents that "augment" this brand new rpki-rtr 
> protocol

i think the norm is to get some experience with v0 (the protocol version
number in the pdus, a la bgp_4_) before going to v1.  but, as with most
things, i could be wrong.

> I'd like to know when I need to factor those documents as well?

as i have no idea how to factor a document or how much lead time
factoring takes, even if i knew when v1 could be out which i don't, i
would not be able to answer.

> A general observation is that while this piecemeal draft progression
> approach appears well designed to pass IETF publication gates

perhaps a focus on engineering, as opposed to mis-guessing and impugning
others' motives, would be productive.

in the current taxonomy, there are three pieces, the rpki, rpki-based
origin validation, and then path validation.  rpki-rtr as it stands is
part of origin validation, and the docs for origin validation are going
through the sausage machine now.  path validation is in early to mid
design, documents are in high flux or unwritten, and are nowhere near
ready to be considered sausage.

the semantics of an rpki-rtr pdu needed to support the most recent path
validation drafts are obvious.  but, as principal author of rpki-rtr, i
am already grossly and embarrassingly behind on revisions of at least
three other docs (two for origin validation!!), origin-ops,
pfx-validate, and bgpsec-reqs.  so i have no time to chase document
drift in the very drafty path validation specs even if it was
appropriate to do so, which imiho it is not.  they're drifty enough that
an interim is being held just to discuss one tough aspect and see if a
very different conceptual area can be understood well enough to be added
to the goals.

and getting v0 of rpki-rtr through the sausage machine already has
consumed a silly amount of wall clock, tyvm.

randy