Re: [sidr] New Version: draft-ietf-sidr-bgpsec-protocol-12

David Mandelberg <david@mandelberg.org> Tue, 23 June 2015 01:21 UTC


On 2015-06-19 14:00, Sandra Murphy wrote:
> Anyone who commented on  draft-ietf-sidr-bgpsec-protocol-11.txt is
> encouraged to review this version and report if your comments have or
> have not been addressed.

My comments have been addressed, but I have some questions about the 
way one of them was addressed:

Is the MP_REACH_NLRI encoded with or without the attribute flags and 
type code?

Don't the values of MP_REACH_NLRI's "Length of Next Hop Network 
Address" and "Network Address of Next Hop" change with each hop, making 
it infeasible for remote ASes to verify the origin's signature?

MP_REACH_NLRI has a reserved field that "MUST be set to 0, and SHOULD 
be ignored upon receipt". If a BGPsec speaker receives an update where 
reserved is non-zero, what should it do? With the current text, I could 
interpret "SHOULD be ignored upon receipt" as meaning either "calculate 
the signature using the reserved field as received" or "calculate the 
signature using all zeroes in place of the reserved field".

-- 
David Eric Mandelberg / dseomn
http://david.mandelberg.org/
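
Added illustration, not part of the original message or of the draft: the three questions above, shown as byte-level differences in an MP_REACH_NLRI encoded in RFC 4760 field order. It assumes the encoded bytes are fed as-is into the hash that gets signed, with SHA-256 standing in for that hash; the function names and sample addresses are constructed for the example.

```python
import hashlib
import ipaddress
import struct

MP_REACH_NLRI_TYPE = 14   # RFC 4760 attribute type code
FLAG_OPTIONAL = 0x80      # optional, non-transitive

def mp_reach_value(afi, safi, next_hop, prefix, reserved=0):
    """Encode the MP_REACH_NLRI value fields in RFC 4760 order."""
    nh = ipaddress.ip_address(next_hop).packed
    net = ipaddress.ip_network(prefix)
    nbytes = (net.prefixlen + 7) // 8
    nlri = bytes([net.prefixlen]) + net.network_address.packed[:nbytes]
    return struct.pack("!HBB", afi, safi, len(nh)) + nh + bytes([reserved]) + nlri

def with_attr_header(value):
    """Prepend attribute flags, type code and a one-octet length."""
    return bytes([FLAG_OPTIONAL, MP_REACH_NLRI_TYPE, len(value)]) + value

def zero_reserved(value):
    """Return the value with the reserved octet forced to 0."""
    off = 4 + value[3]  # AFI(2) + SAFI(1) + next hop length(1) + next hop
    return value[:off] + b"\x00" + value[off + 1:]

def digest(data):
    # Assumption: SHA-256 over the raw bytes stands in for the signed hash.
    return hashlib.sha256(data).hexdigest()

def compare():
    # Constructed sample: one IPv6 prefix, documentation addresses only.
    origin = mp_reach_value(2, 1, "2001:db8:a::1", "2001:db8:100::/48")
    next_as = mp_reach_value(2, 1, "2001:db8:b::1", "2001:db8:100::/48")
    odd = mp_reach_value(2, 1, "2001:db8:a::1", "2001:db8:100::/48", reserved=0xFF)
    return {
        # Including flags and type code changes the signed bytes.
        "header_matters": digest(origin) != digest(with_attr_header(origin)),
        # A rewritten next hop no longer matches what the origin hashed.
        "next_hop_breaks": digest(origin) != digest(next_as),
        # The two readings of "SHOULD be ignored" give different verdicts.
        "reserved_as_received": digest(odd) == digest(origin),
        "reserved_zeroed": digest(zero_reserved(odd)) == digest(origin),
    }

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name}: {result}")
```

A signer and a verifier that choose differently on any of these three points compute different digests for the same route, so a valid signature fails verification.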