IETF Logo Mail Archive

[Sidrops] Fwd: New Version Notification for draft-ietf-sidrops-rpkimaxlen-13.txt

Ben Maddison <benm@workonline.africa> Wed, 10 August 2022 23:17 UTC

Return-Path: <benm@workonline.africa>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10D57C14F75F; Wed, 10 Aug 2022 16:17:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=workonline.africa
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YZbfCEO6SiBD; Wed, 10 Aug 2022 16:17:29 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70058.outbound.protection.outlook.com [40.107.7.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0BEE8C15C517; Wed, 10 Aug 2022 16:17:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=biSAqzJzGDKW6qsRMU6VtKWNM5MxPtzXX2L/2G8LNIezBN4BMtjiw9YSnGMZ8sSk19DLJJV1n47kujC2oHoMV4TrVOLUOoTo7bpqYUOp4CQ0h9o4uSGAn8snUWD/SEvS5/IB1ty47bbIQ6I8sbjLaQ5uNuHPMw6Gj08nSbqchdrB9CtIRERjP1UM1AQFSbXz6ZMcRcbs+Hv8UF6sJXBZzfFaNyEBUXSmLU/AmrMnu7QIsMnRxANVA/5g/UE11RZfjMMWUbNlFMSM4AECFj7jbLwZe+yF0t+EX7la/MXuFkXo7w38YOYcfyKH6YauYt2FC367OZYksYn5ML0zR9006A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=X08TqsI3EuedLPjsuW2cZ+9r8iwJF0wXr5d2vPJ377s=; b=YVzEND3WsAQu4ffBZzCG7Li7jiZ2v7UupK1ML/b1VvN/TxFAgvKtpLsHPz/IDe/yWuGEiOFFzob5uEfE9O2P1+CUuXgfmlsL5vMWoDv4q9WQbI8cL9Lo7WMrUf6NRImQfW1d2NoCRLzfGY+03xlaF2obMxf61D62zMEMFATF1MLJpscP25s83W7NH2NjMXmbzvYvSYYxu9zU9gfYB5VlLtWsBnTh92hHI+Z3Hw2VfrMEx1yha4Q/QpMRGX2ekNQX3KZYtyLTylqpyA75dhzLiR4xcpCTM8ASrJ2pTx7PC2OVrXZ4JroyzWCTwjWNUgslF3wLZtDArZwmLuWZ02j/UA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=workonline.africa; dmarc=pass action=none header.from=workonline.africa; dkim=pass header.d=workonline.africa; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=workonline.africa; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=X08TqsI3EuedLPjsuW2cZ+9r8iwJF0wXr5d2vPJ377s=; b=JhNvx56rRaao3+Yp5K6nSHUfXHBu3hX2qCvFpZ6JHX5c5Zpjd7yWf4yFF/SvfBiaGH+YNQFs1DdfLdQhYg1g75G74r1ZrYfffLytyHsnIQ4zGJFmEmFaWibF7BX8cEflb51IJx8CiYKSBSVPJ5PQ4oqQk2UN/wwT0p94YqzThY4=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=workonline.africa;
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13) by AM4P190MB0226.EURP190.PROD.OUTLOOK.COM (2603:10a6:200:5f::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5525.10; Wed, 10 Aug 2022 23:17:21 +0000
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::24e3:a696:db62:47e8]) by AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::24e3:a696:db62:47e8%8]) with mapi id 15.20.5504.021; Wed, 10 Aug 2022 23:17:21 +0000
Date: Thu, 11 Aug 2022 01:17:13 +0200
From: Ben Maddison <benm@workonline.africa>
To: The IESG <iesg@ietf.org>
Cc: sidrops@ietf.org
Message-ID: <20220810231713.dsqiqbqcf22is35m@benm-laptop>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="fsgy7rmx66xpcq2a"
Content-Disposition: inline
X-ClientProxiedBy: CTXP275CA0048.ZAFP275.PROD.OUTLOOK.COM (2603:1086:100:1::36) To AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: b9b03521-7ef3-46a7-f763-08da7b2679f1
X-MS-TrafficTypeDiagnostic: AM4P190MB0226:EE_
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 0Bjt3Q0xrkwVJVWK6ukx1nCfab//IctRuzaV9j2HyCoI/TTJUiqvV8wY/rMnOQUSxoCQczGmcEEHqDY1emxJ43dlKcl6p680s88h6KkoXPF0/X2rxQasr1enZ2iy9WFzWJvFl7UwY7/jQrg9accR/MPoQKhlYF4NMrZplQrazP3FIKPb3Rq7sUOGmX9ZNYsohWNoX3nC1RYepndltVBmuI48QdH5rXeACg8b088ps+dH4oGe+QcA3PPfWwR9gruv9Q+X5OzNu5dhESD6Tl4BHJvwasi0w/0mdu82XNCR/XbRxAWLaU1Zy5H66pSSlcT+iOsuyHa3Sp5MftBxR2oKLIQ3OWmewCYA3GbALWUxUgOlENzqPUjbKCupWOFG6MaADIKFtxKUfELRn9uGPAQ8+gRpE3k5IdKvhLEpYDZ/bPEYWsiwKdT1NptwDT3EuuC4lpPZxMiqdI0KrcSfKJoNYuCjmKIzvv3o10UN7e/H3Dj8sYQCnZhfRCpESwaI8wT4295fqFLrdToTTwK5RovzzGOELNa9zZxif59jstbTyTdt5Sd6uCWTq8ZvVNSKXxsoOZ0q3uBfvNeJ2h2U+wfxf3OJlZQbOPtunWPA7kgxOiy3YBW/V/+Qmw2m3/GCLqofsZs2o0ErhycxoUjaYpmL8CGDGA6v6NfPe0D1GCvkw10G3lJdp8fO4B3AT5YknfID5wUEeQ3lU3b2qWQfXWydxYtTipWiAeZ7A9WOEOFcSoO9XD1QHT++T52AUJ18t1fQ479+fjZeuKPOia03uIjZTFn+ORcfcowt2mnjpYq1YhTiGoy9ALFUubMzQ68BA3/qoI1b/wqDJ52Nq2CAPp5Ma51hkW6NpK34Slq5CtmBXmE17tp/vMiy3ITxa6c/gZBK
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AS8P190MB1078.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(7916004)(39840400004)(376002)(136003)(346002)(366004)(396003)(8676002)(478600001)(83380400001)(186003)(66556008)(66946007)(66476007)(86362001)(450100002)(966005)(6512007)(26005)(53546011)(44144004)(52116002)(4326008)(1076003)(6486002)(15650500001)(8936002)(5660300002)(6666004)(2906002)(41300700001)(21480400003)(66574015)(9686003)(316002)(6916009)(6506007)(38100700002)(38350700002)(33716001)(46492015)(2700100001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: wgSM9xX9iPpHAkvN7GF1DCZS9VGrK186EiU9XSkm3SMlx2Db75P/DDBdt9DZTDantcLMbiiqScXnfnsY5gqRPz5u865ccQpfVTOxq4E2AtpDg4wW9nWfTVpAyGKg4ofLjKoU0+4kNC03gBLQd7Am04i3FxAJQjPzDewA3XAoNoTnji/aSBjj2YsBZe8nhZTnUuX7TUpAcTfiwQvuaugasL5Gl7D8D9+G4bfai88666hoi66+hfrqtaRzDQ1dD82hbDfB+foPbDtKcRJcPHfC6EsvqDe7XxZYjmivmHGsc5I0hYPVg7CuQgoSi5RcHD3TP56EpK1dQj0xCC28DcL8mzMQRnoNhg/Qdl7Il68m8XrGjipgelUxp/btLVMJ7V1K+t2wWRNGg7jpLlJql8W2O565NDOcyCbrAnjpE/gVnBImC+Fi1eyfI8AWXhW8/CDUP0O2WefM/+mB1yTw3pbMBNZVT53llRm37kMM9uK3LZf4ztz6uqQMAcYiNHLW95ZtGvn0cuw2f8gQ2K4b6Xs/E+eUGLOwAxXZk3Pw9bJOu8+ReZVc4QM9qCjWnqXGT9/YTm6k1wD4jm+908+Bk/1C6sAtVaypw0xSH2wpUg8Z/OAl0Y2CLpGpws+IlMXu226qbk8MCf0ZiyesoYUPIJeZ76W/aGj7Lvb9sQ4wqgF4R1QrOTtdSoLE6H1JMGRqI/W2g4YOSfIBw3eh8uqP26li13bJuEs9aFhNdrRIjzoyFqgCGm6z1PuZwRcYPBf3uaH3M8xWigYDvoehO4OTsyrJQg5leaWe+6ns36saxFl/qvOkR9TOLngnzqElp2c3JQ4PQiSElXwlat09Zjq30eYjvku2BzY9+pYDhtMtLC/KcLnRtw/MsE7TJSdM3Gn8CRD7qDDOEGTZu04LciEprnIgeTuE7VwvYHmjBFSNHldvKdRsAUIsf7L7l53A/DswVpVqJCLFCd/+/uKpfNckF/YRK4/vz5SM547iimwCPnQeBr4WjYxrpf4n9Vy2N/zavt9kAlj68LPN+RX7H8u7UtHF74+FhLS135E83SKFQya1mIOSYn75c+E3A8lhd6I6WaaRRYobrzOgcjM7qwzFTfKTOh0KON1y2n6WC36Tk+8zS2NU8ZkSLtp4rEHgkQqmtrNFCbpsQDk/9shrQGBruifj/tGt0RYfxqvsksDx+T2GlMXAiqGY2sMAj8U6/UYuCMAwPj+WU4yOoppIAiFv39D076L/b+kzcwnf1khg5YdpB7cvjKPdmaBsHsVUU7Kt2lkN50f23pCPPWJipVB3vElWS3PclArsYSPGiIrnaCfDa0M/EnJsY3T4LleUJmd6TCHAV1Kip8jFgEY7dNU6FkXBGlIehB8BmfqrwXqy5NySOIxbEVPcQA6HJaeoUaKPb4+a2aOZNLPd8m99zvNC2cbqou4/3WbhJAXxGaywBJHhVslMgpiGuJjVAwi1+dvnSguRb0J7pR3GmXa0OExOzLneo1wKu4+q4UCIGAV6VYD7/HWoqVPFBRA2vgUGPYbl8kgaSNRldFniehSR/KwJ1jVhlznpfxrcSWpeaulm/z/tbvI+NVw9HvmooPYuGL8B8TPkQELZ2fR2L86OQxOopJ+boA==
X-OriginatorOrg: workonline.africa
X-MS-Exchange-CrossTenant-Network-Message-Id: b9b03521-7ef3-46a7-f763-08da7b2679f1
X-MS-Exchange-CrossTenant-AuthSource: AS8P190MB1078.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Aug 2022 23:17:21.4345 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: b4e811d5-95e8-453a-b640-0fba8d3b9ef7
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 4DsbZqgr5aqFX8w+kTNzqv0peogCSWOBosliWJltwGvNa3tmJiBjjR1vXXpMJrmuWWAuQ6TKaB7lCPDqAhckbg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4P190MB0226
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/DyK0khfloevgS1jvIJ0QfCbgVNc>
Subject: [Sidrops] Fwd: New Version Notification for draft-ietf-sidrops-rpkimaxlen-13.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Aug 2022 23:17:37 -0000

Hi all,

In advance of tomorrow's telechat, we have posted -13 which (hopefully)
addresses the comments received so far from Eric and Alvaro:

- Added forward ref to section 3 in introduction
- Added note to make clear that recommendations apply to both IPv4 and
  IPv6
- s/SHOULD/MUST/g in section 5
- Advise large operators that automation is a good idea in Operational
  Considerations ;)
- Added metadata targeting inclusion in BCP185

I think that was the whole list; please poke me if I have missed something.

Cheers,

Ben

----- Forwarded message from internet-drafts@ietf.org -----

> Date: Wed, 10 Aug 2022 16:04:52 -0700
> From: internet-drafts@ietf.org
> To: Ben Maddison <benm@workonline.africa>, Job Snijders <job@fastly.com>,
>  Kotikalapudi Sriram <kotikalapudi.sriram@nist.gov>, Sharon Goldberg
>  <goldbe@cs.bu.edu>, Yossi Gilad <yossigi@cs.huji.ac.il>
> Subject: New Version Notification for draft-ietf-sidrops-rpkimaxlen-13.txt
> 
> 
> A new version of I-D, draft-ietf-sidrops-rpkimaxlen-13.txt
> has been successfully submitted by Ben Maddison and posted to the
> IETF repository.
> 
> Name:		draft-ietf-sidrops-rpkimaxlen
> Revision:	13
> Title:		The Use of maxLength in the RPKI
> Document date:	2022-08-10
> Group:		sidrops
> Pages:		15
> URL:            https://www.ietf.org/archive/id/draft-ietf-sidrops-rpkimaxlen-13.txt
> Status:         https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpkimaxlen/
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpkimaxlen
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-sidrops-rpkimaxlen-13
> 
> Abstract:
>    This document recommends ways to reduce the forged-origin hijack
>    attack surface by prudently limiting the set of IP prefixes that are
>    included in a Route Origin Authorization (ROA).  One recommendation
>    is to avoid using the maxLength attribute in ROAs except in some
>    specific cases.  The recommendations complement and extend those in
>    RFC 7115.  The document also discusses the creation of ROAs for
>    facilitating the use of Distributed Denial of Service (DDoS)
>    mitigation services.  Considerations related to ROAs and origin
>    validation in the context of destination-based Remotely Triggered
>    Discard Route (RTDR) (elsewhere referred to as "Remotely Triggered
>    Black Hole") filtering are also highlighted.
> 
>                                                                                   
> 
> 
> The IETF Secretariat
> 
> 

----- End forwarded message -----

v2.23.0 | Report a Bug | By Email