Re: [Sidrops] WGLC - draft-ietf-sidrops-validating-bgp-speaker - ENDS 09/07/2018 - Sept 7th 2018
"Borchert, Oliver (Fed)" <oliver.borchert@nist.gov> Wed, 30 October 2019 17:50 UTC
Return-Path: <oliver.borchert@nist.gov>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DC8212001A for <sidrops@ietfa.amsl.com>; Wed, 30 Oct 2019 10:50:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nist.gov
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ixaCpSi6lVhZ for <sidrops@ietfa.amsl.com>; Wed, 30 Oct 2019 10:50:10 -0700 (PDT)
Received: from GCC01-DM2-obe.outbound.protection.outlook.com (mail-eopbgr840122.outbound.protection.outlook.com [40.107.84.122]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B78112000F for <sidrops@ietf.org>; Wed, 30 Oct 2019 10:50:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PEsqCumasCj5bhXofvXGYztl0jIu8ARBlf5Zc4Bntn3wto0z/aoEZuLjpnqe0s6OCHLxqMSeUdeYYLYopSjZhaGrforO/k2L31t2QegMvDUCCa/Tj/Nu/z/GFfx9CjerYe9gT1tthRU5Oz88yOkoIPgveHRH37AHsT6RyAxxFlswuIwnLdIdrnk1/bzgFx4eKU5V5PAaaqNvFiIHqRToVHwDvdccncDOL+t8ZmjRd5oN+Ss7TDXtoX7om3NukZ/HuDj/z3EmTne7v1uatQ8gJ7fmLk9oT/phrBf8XBMaCMHWH0Gb1S+HQN9p9oMfOwLAc1h3VM5g+EW8PEtYhnjNew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7UhX4f+zJ1ZrpNQ+9WrfsSK0CQYNdndBoG21EVS+f60=; b=W5oo9F/JNR7M/2mK20usKAGJeaxw9CXHKWBKtH3t0vmyj3Cg5R4fkfa1DWyz5Zy9KAFQkjG6ZsTwNGcXypuAohP1/7QejsIMjcC5ga3RHI2nOpfYpvk3ZTrtKLn7Yb07dC+wvpl62WF0h8S9DHe1D8E5aJCSvRSHUVZQRwiHMBfg4qIpdzUnNz0b5aalixdTEuQs+2GxV0crnmQtJeOTAVTKQGKZGEq7UbuCz5MV9lhHPgvp+RFRnTRhMDAdgSsn9FYcHYZi4Xqdpic3BiXr6cqui7ok5USYusr8rMIH/9tU+k+KmdXZ2m4bLLQULYP6B6kuM32ulxbMbjiSbUvnGA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov; dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7UhX4f+zJ1ZrpNQ+9WrfsSK0CQYNdndBoG21EVS+f60=; b=zi+Rg/Kyd2RXzoewYKJP5ZWNPyV6Uj8Xe1m2HzAherDBvKmLotDzVyMBmTu82H7MqxMhu7MoKsEmtfI5ErWTNNsDATyJCdujbKcBH5GAhYgFJsww1eY/XUIumHob2fu3hNYOfGaSAN51iJ9d7YdcJVJJB8d5RazLIfZS6Eh1tr4=
Received: from SN6PR09MB3024.namprd09.prod.outlook.com (20.177.251.157) by SN6PR09MB2893.namprd09.prod.outlook.com (52.135.90.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2387.22; Wed, 30 Oct 2019 17:50:07 +0000
Received: from SN6PR09MB3024.namprd09.prod.outlook.com ([fe80::b079:51b9:8bfa:2acd]) by SN6PR09MB3024.namprd09.prod.outlook.com ([fe80::b079:51b9:8bfa:2acd%6]) with mapi id 15.20.2387.028; Wed, 30 Oct 2019 17:50:07 +0000
From: "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>
To: Randy Bush <randy@psg.com>, Christopher Morrow <christopher.morrow@gmail.com>
CC: SIDR Operations WG <sidrops@ietf.org>, Daniel Kopp <daniel.kopp@de-cix.net>, Job Snijders <job@ntt.net>, "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>
Thread-Topic: [Sidrops] WGLC - draft-ietf-sidrops-validating-bgp-speaker - ENDS 09/07/2018 - Sept 7th 2018
Thread-Index: AQHUOifAhl7zE1LMVU2nqG1i5PteIKTL8neAgAMH8gCAEWE+gIAA7XyAgAAYbQCAAfNCgIAABTQAgAGYyoCCjf5JgIAAEWcAgALbDwA=
Date: Wed, 30 Oct 2019 17:50:07 +0000
Message-ID: <B41CC456-40F8-4D6C-8B5B-CD7705A1C6E7@nist.gov>
References: <CAL9jLaYqGt1+f3GaccNwjPOHxM34ifWDu5bhRx24PMYHpqV4XQ@mail.gmail.com> <20180822161549.GA1021@hanna.meerval.net> <42CA116C-4F74-4D31-A58E-3D7528FC529F@de-cix.net> <CAL9jLaaYzZmGVgEPfuDze5D_yN5x_CMKFEnY7XwM2F7EycwEOQ@mail.gmail.com> <m2y3cgo4ta.wl-randy@psg.com> <20180905073454.GU3097@hanna.meerval.net> <16AB499B-D859-48D2-9C36-AAF4C6F29B1C@de-cix.net> <20180906134026.GC3097@hanna.meerval.net> <F812E3F2-8882-410F-82A2-942BA3B3096C@de-cix.net> <CAL9jLaZrVYDyUEWVqn992wxGMurGsjrmDeu-jjR6Rp6smCv+1g@mail.gmail.com> <m2a79kd9gz.wl-randy@psg.com>
In-Reply-To: <m2a79kd9gz.wl-randy@psg.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1e.0.191013
authentication-results: spf=none (sender IP is ) smtp.mailfrom=oliver.borchert@nist.gov;
x-originating-ip: [2610:20:6222:140:a4f5:713d:1ea1:f9a2]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 5835e85c-486a-41e8-b19e-08d75d619a48
x-ms-traffictypediagnostic: SN6PR09MB2893:|SN6PR09MB2893:
x-ms-exchange-purlcount: 1
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <SN6PR09MB2893CFAA8ED60577CFE6309D98600@SN6PR09MB2893.namprd09.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 02065A9E77
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(376002)(39860400002)(366004)(136003)(346002)(199004)(189003)(76176011)(66556008)(64756008)(186003)(6512007)(66476007)(478600001)(6506007)(66946007)(316002)(86362001)(107886003)(58126008)(66446008)(102836004)(76116006)(45080400002)(4326008)(14454004)(91956017)(6116002)(2906002)(14444005)(7736002)(486006)(5660300002)(6246003)(36756003)(6306002)(6436002)(46003)(8936002)(229853002)(81166006)(33656002)(8676002)(81156014)(2616005)(110136005)(446003)(11346002)(54906003)(256004)(99286004)(71200400001)(476003)(71190400001)(305945005)(25786009)(6486002)(966005); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR09MB2893; H:SN6PR09MB3024.namprd09.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: E+Li9tPhkq+dC4G9n8YkgzvPu/08HKo+XMeRWOhpiYPTuRSS21QTRbsJTDMrVBWoCCjklEoBCKoK1gXe5+JrzkiKKpc9VKl5WoUmWqJMxt7GTUDd1P/Y3tjBnhialSQxADjXxv1C1RLOMLtWo1+whuV0MzBpgVc4D5GceeIngCsqjREktSbgWxhCLS4HR5FEQAvIMiQgH6DF/hyNYeedGxJi3YLGaUb0olfYYwNF6Q8kHv8bEqyoGXacuVyRprRnNAuHDZcegpSeWLbCXNfqVD1/a8ncv9Wls8W2hxaL8haMbp6vUB0qmF9h6OMXjLpZ18ZbR4t8D3Sk39D8Shvidn9GUoN6fusaCUFK3nm+zf0a/4LFt06hqpq3NJ4U6dRzNCsGP3wFkSUtlsEdxYK27fLiPAhGMQTro40meDj2UNP3ZQZHwa5uuRdv3RTzhC3usjnxPkpl9WvRs2XWHF6DxxualyHTcrM/8PWLaJw01os=
Content-Type: text/plain; charset="utf-8"
Content-ID: <E0BB3431912B404998C046F80EA334A4@namprd09.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: 5835e85c-486a-41e8-b19e-08d75d619a48
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Oct 2019 17:50:07.5142 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: WtC4ccL7oqLjLotif5qaFI3uR40/vH4fw8N5AhlPp8o8sn2+YWkl1W+23C+4ipgJ7C04BE2FVBG3iAJuJIxBHQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR09MB2893
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/8CfY2T07U81igfwAxGzjF5aq1iQ>
Subject: Re: [Sidrops] WGLC - draft-ietf-sidrops-validating-bgp-speaker - ENDS 09/07/2018 - Sept 7th 2018
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Oct 2019 17:50:14 -0000
Randy makes a good point by proposing to merge multiple efforts into one single approach. This will eliminate any possible confusion going forward. During the adoption call for signaling BGPsec path validation, a valid point was raised to use the current RFC 8097 signal and extend it using a section of the reserved field. Using BGPsec unverified as value 0 allows backwards compatibility and I am currently in the process of modifying draft-sidrops-bgpsec-validation-signaling to update 8097 for that purpose. Today, I was talking to Daniel and I believe we can solve the issues addressed in draft-ietf-sidrops-validating-bgp-speaker. The current RFC 8097 already opens the door for signaling the attribute via EBGP. The end of section RFC 8097 section 5 reads: "... However, it SHOULD be possible to configure an implementation to send or accept the community when warranted. An example of a case where the community would reasonably be received from, or sent to, an EBGP peer is when two adjacent ASes are under control of the same administration. A second example is documented in [SIDR-RPKI]." With the current wording of "when warranted", one can make the case that a contractual agreement between two adjacent ASes which are NOT under control of the same administration could also warrant such exchange. Said that some extra wording to make this more clear or even simplify the issue can easily be added. This will also be helpful for future BGPsec validation state signaling where larger ISP's could perform the majority of BGPsec path validation and the client peer just would validate the last hop - if at all needed. Regarding Operational Recommendations (section 5 of draft-ietf-sidrops-validating-bgp-speaker-03 ), I would propose to put this into a separate draft or maybe BCP. The different operational modes described there are worthwhile keeping but should be separate from the signaling, Thoughts? Oliver On 10/28/19, 2:13 PM, "Sidrops on behalf of Randy Bush" <sidrops-bounces@ietf.org on behalf of randy@psg.com> wrote: > At this point, I think a clear signal from the WG would help the > authors change their draft OR abandon it. this draft, and others, should merge to use a common signal. i think oliver has the need here. randy _______________________________________________ Sidrops mailing list Sidrops@ietf.org https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsidrops&data=02%7C01%7Coliver.borchert%40nist.gov%7Cc9707c8f107741dd7a2208d75bd2941f%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C1%7C637078832292414198&sdata=LHM0DkGM6sqMwy1%2F3vhzWvPyP5aHaaEujo%2FZLt4IqRU%3D&reserved=0
- [Sidrops] WGLC - draft-ietf-sidrops-validating-bg… Christopher Morrow
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Job Snijders
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Daniel Kopp
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Daniel Kopp
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Christopher Morrow
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Job Snijders
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Job Snijders
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Christopher Morrow
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Daniel Kopp
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Job Snijders
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Daniel Kopp
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Ruediger Volk
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Christopher Morrow
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Daniel Kopp
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Jakob Heitz (jheitz)
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Nick Hilliard
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Borchert, Oliver (Fed)
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Borchert, Oliver (Fed)
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Christopher Morrow
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Randy Bush
- Re: [Sidrops] WGLC - draft-ietf-sidrops-validatin… Borchert, Oliver (Fed)