IETF Logo Mail Archive

[Sidrops] Fwd: [routing-wg] misconceptions about ROV

Randy Bush <randy@psg.com> Mon, 21 February 2022 21:36 UTC

Return-Path: <randy@psg.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4CFA3A003D for <sidrops@ietfa.amsl.com>; Mon, 21 Feb 2022 13:36:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.499
X-Spam-Level:
X-Spam-Status: No, score=-0.499 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5Z94wa1pPDiI for <sidrops@ietfa.amsl.com>; Mon, 21 Feb 2022 13:35:58 -0800 (PST)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A62D3A003E for <sidrops@ietf.org>; Mon, 21 Feb 2022 13:35:58 -0800 (PST)
Received: from localhost ([127.0.0.1] helo=ryuu.rg.net) by ran.psg.com with esmtp (Exim 4.93) (envelope-from <randy@psg.com>) id 1nMGLa-000DTc-Is for sidrops@ietf.org; Mon, 21 Feb 2022 21:35:54 +0000
Date: Mon, 21 Feb 2022 13:35:54 -0800
Message-ID: <m2h78roqbp.wl-randy@psg.com>
From: Randy Bush <randy@psg.com>
To: SIDR Operations WG <sidrops@ietf.org>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/26.3 Mule/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/0mNShWmnImsRT-fG9gbDp9dGOQo>
Subject: [Sidrops] Fwd: [routing-wg] misconceptions about ROV
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Feb 2022 21:36:03 -0000

i should not have to say this, but ...


From: Randy Bush <randy@psg.com>
Subject: [routing-wg] misconceptions about ROV
To: RIPE Routing WG <routing-wg@ripe.net>
Date: Mon, 21 Feb 2022 13:13:00 -0800

lately, i am getting flak about ROV not providing protection from
this or that malicious attack.  indeed it does not.

in the ROV design, we DELIBERATELY did NOT try to cover malicious
attacks.  we also did not try to solve world hunger.

repeat 20 times: "ROV is not a security mechanism.  it is only meant
to ameliorate accidental misconfigurations."

yes, a screwdriver sucks as a hammer.

we do seem to see that route mis-originations are propagating less
widely; and presume this is due to ROV, especially in top tier
providers.  this is good.

and once more for good luck: "ROV is not a security mechanism.  it
is only meant to ameliorate accidental misconfigurations."

randy

v2.8.7 | Report a Bug | By Email