Re: [sidr] [Sidrops] [Technical Errata Reported] RFC6482 (7525)
Job Snijders <job@fastly.com> Wed, 31 May 2023 17:41 UTC
Return-Path: <jsnijders@fastly.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA179C152564 for <sidr@ietfa.amsl.com>; Wed, 31 May 2023 10:41:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.093
X-Spam-Level:
X-Spam-Status: No, score=-2.093 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YpzH3zeX8PS7 for <sidr@ietfa.amsl.com>; Wed, 31 May 2023 10:41:35 -0700 (PDT)
Received: from mail-oo1-xc2d.google.com (mail-oo1-xc2d.google.com [IPv6:2607:f8b0:4864:20::c2d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 96FE3C152F1C for <sidr@ietf.org>; Wed, 31 May 2023 10:39:24 -0700 (PDT)
Received: by mail-oo1-xc2d.google.com with SMTP id 006d021491bc7-558565cc58fso551063eaf.0 for <sidr@ietf.org>; Wed, 31 May 2023 10:39:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; t=1685554763; x=1688146763; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=WyG8VjZasStj1p4J2xAu/rJZF8zLVuBchWmy2nfM538=; b=sRsSUJaJiiILFpRzN4Lmnd7n271ZUJ3dO04TjXQsKgNKAdtb/sgC3aHC7rt8dilzDZ AZFCPEO4di4c9YVhwN3BOUisy6FuPGUnKjBmchgG9fvNjG61T6/BHIYT47bkBsQPIBEn YVtoKV/bSefXyVRCsE42wpJWHzkG49Lvz3BCI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685554763; x=1688146763; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WyG8VjZasStj1p4J2xAu/rJZF8zLVuBchWmy2nfM538=; b=RdU8XWX+p9DDxg3mFj/LWR/WGzoImwogjYiTnKYQWwPHV2T/TdFxeHqDxLcwqzWKMx 8Yc9I+yW02TFKh8PfGfFe2vKTdcIE23bEaSAV9q/5iSCZb4R6p13Aqyz+CVhz/3snu4m BjGs/pZXVWWA7ytd5ogzke1qWP40ocaS9IJ55yBtzAzV0MenI9KlhcgS/7B8r2aj0rWw pjvUPmWZnv328OPNAQVXxi+sivvXATRWZI4GivexfMX5O3PsH6AHyYWjISARtyWwHhrW ZuzjfH6p5WyNGEYCFSZ9LUb+aEEnYtw+6wtRWe8mwCrwhJZzIiLlFxO5xqpH1t6dmYJy e4YQ==
X-Gm-Message-State: AC+VfDys7NmyhJAJnLKemvE1+ROiiAuhGxG/dYQLGtKFD9fNa0ZSFf0E QSX6AvESNu0OUgnTRNaVoNmjvtCyXw96ySXDvO00Jw==
X-Google-Smtp-Source: ACHHUZ63GIkbpp6p6ncb9XFP2IwtXPw27i4adIlZYkjvrRu1zsHaFUwO9kiZbqN2UlsAuPs6VY+kyhW6YO0V1ebYf6M=
X-Received: by 2002:a4a:378a:0:b0:555:722e:3ca with SMTP id r132-20020a4a378a000000b00555722e03camr3804652oor.5.1685554763566; Wed, 31 May 2023 10:39:23 -0700 (PDT)
MIME-Version: 1.0
References: <20230526184930.82A2255D5E@rfcpa.amsl.com> <14822925-681F-44D9-AE5C-3BC00E140674@juniper.net>
In-Reply-To: <14822925-681F-44D9-AE5C-3BC00E140674@juniper.net>
From: Job Snijders <job@fastly.com>
Date: Wed, 31 May 2023 19:39:12 +0200
Message-ID: <CAMFGGcBzaSxgfOobDqt4_1Rq10GeoikDQd=gWV7ZUrzzMYZ3PQ@mail.gmail.com>
To: John Scudder <jgs=40juniper.net@dmarc.ietf.org>
Cc: Alvaro Retana <aretana.ietf@gmail.com>, Andrew Alston <andrew-ietf@liquid.tech>, Chris Morrow <morrowc@ops-netman.net>, Jim Guichard <james.n.guichard@futurewei.com>, "dkong@bbn.com" <dkong@bbn.com>, "kent@alum.mit.edu" <kent@alum.mit.edu>, "mlepinski.ietf@gmail.com" <mlepinski.ietf@gmail.com>, "sachaboudjema@gmail.com" <sachaboudjema@gmail.com>, "sandy@tislabs.com" <sandy@tislabs.com>, "sidr@ietf.org" <sidr@ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000eeb8af05fd00ccdb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/qIT_7kTrBiDW66XZH2nEoTJQY8A>
Subject: Re: [sidr] [Sidrops] [Technical Errata Reported] RFC6482 (7525)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 May 2023 17:41:39 -0000
Dear John, I think the report is correct, and it seems we already resolved it in the -bis effort: https://www.ietf.org/archive/id/draft-ietf-sidrops-rfc6482bis-03.html Section 4.3.1 of the -bis contains the same sentence the errata report proposed “The addresses field represents prefixes as a sequence of type ROAIPAddress.” The new description of ROAIPAddress also emphasises the “address” field contains a single prefix. It would be good to confirm with the reporter whether the description in the -bis document matches their understanding of the ASN.1 notation. If the -bis document as-is matches their understanding, it might mean that multiple people independently observed a discrepancy in the original RFC. :-) Kind regards, Job Ps. There is an “addresses” field in one structure, and in another structure an “address” field. :-) On Wed, 31 May 2023 at 19:01, John Scudder <jgs=40juniper.net@dmarc.ietf.org> wrote: > +sidrops > > The substance of the erratum is: > > - The sentence "The addresses field represents prefixes as a sequence of > type ROAIPAddress” is added at the end of the first paragraph. > > This seems like an OK change although not a necessary one. If verified, > it’d be as editorial Hold For Document Update. It doesn’t seem like it adds > much to the spec, so I’m not inclined to verify it but could be talked into > it. > > - In the second paragraph: > - “a ROAIPAddress structure” -> “the ROAIPAddress structure” (“a” > becomes “the”) > - The ROAIPAddress structure changes from a sequence of IPAddress, > to a single IPaddress (capitalization sic) > > The submitter says this change would align the prose description with the > ASN.1. However, I don’t see that — I’m hardly an ASN.1 expert, but on the > face of it, this (from Appendix A, also present in Section 3) looks like a > sequence, not a singleton. The word “sequence” is right there, in ALL CAPS > even. > > ROAIPAddress ::= SEQUENCE { > address IPAddress, > maxLength INTEGER OPTIONAL } > > As far as I can tell, this change is wrong and should be rejected. > > I would appreciate a second opinion from someone more conversant with the > RFC and associated technology than I am before I reject it. > > —John > > > On May 26, 2023, at 2:49 PM, RFC Errata System < > rfc-editor@rfc-editor.org> wrote: > > > > > > The following errata report has been submitted for RFC6482, > > "A Profile for Route Origin Authorizations (ROAs)". > > > > -------------------------------------- > > You may review the report below and at: > > > https://urldefense.com/v3/__https://www.rfc-editor.org/errata/eid7525__;!!NEt6yMaO-gk!GngQXDPNfl9uVTFUdN8h1LmYMMzXgBRp-NQTdsuPLKBo7KLOI4k9kFTNxaLsmnpNBXUj3GVFEfbA57aSAEPHFg$ > > > > -------------------------------------- > > Type: Technical > > Reported by: Sacha Boudjema <sachaboudjema@gmail.com> > > > Section: 3.3 > > > > Original Text > > ------------- > > Within the ROAIPAddressFamily structure, addressFamily contains the > Address Family Identifier (AFI) of an IP address family. This > specification only supports IPv4 and IPv6. Therefore, addressFamily MUST > be either 0001 or 0002. > > > > Within a ROAIPAddress structure, the addresses field represents prefixes > as a sequence of type IPAddress. (See [RFC3779] for more details). If > present, the maxLength MUST be an integer ... > > > > > > Corrected Text > > -------------- > > Within the ROAIPAddressFamily structure, addressFamily contains the > Address Family Identifier (AFI) of an IP address family. This > specification only supports IPv4 and IPv6. Therefore, addressFamily MUST > be either 0001 or 0002. The addresses field represents prefixes as a > sequence of type ROAIPAddress. > > > > Within the ROAIPAddress structure, the address field represents an IPv4 > or IPv6 prefix of type IPaddress (See [RFC3779] for more details). If > present, the maxLength MUST be an integer ... > > > > Notes > > ----- > > Original text contradicts does not align with normative ASN.1 schema. > > > > Instructions: > > ------------- > > This erratum is currently posted as "Reported". If necessary, please > > use "Reply All" to discuss whether it should be verified or > > rejected. When a decision is reached, the verifying party > > can log in to change the status and edit the report, if necessary. > > > > -------------------------------------- > > RFC6482 (draft-ietf-sidr-roa-format-12) > > -------------------------------------- > > Title : A Profile for Route Origin Authorizations (ROAs) > > Publication Date : February 2012 > > Author(s) : M. Lepinski, S. Kent, D. Kong > > Category : PROPOSED STANDARD > > Source : Secure Inter-Domain Routing > > Area : Routing > > Stream : IETF > > Verifying Party : IESG > > _______________________________________________ > Sidrops mailing list > Sidrops@ietf.org > https://www.ietf.org/mailman/listinfo/sidrops >
- [sidr] [Technical Errata Reported] RFC6482 (7525) RFC Errata System
- Re: [sidr] [Technical Errata Reported] RFC6482 (7… John Scudder
- Re: [sidr] [Sidrops] [Technical Errata Reported] … Job Snijders
- Re: [sidr] [Sidrops] [Technical Errata Reported] … John Scudder
- Re: [sidr] [Technical Errata Reported] RFC6482 (7… Russ Housley