Re: [Sidrops] Minor comments on draft-ietf-sidrops-aspa-profile-00

Nick Hilliard <nick@foobar.org> Mon, 07 October 2019 12:31 UTC

Return-Path: <nick@foobar.org>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CCD81200B1 for <sidrops@ietfa.amsl.com>; Mon, 7 Oct 2019 05:31:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.301
X-Spam-Level:
X-Spam-Status: No, score=-2.301 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8OGkihHYGKU1 for <sidrops@ietfa.amsl.com>; Mon, 7 Oct 2019 05:31:57 -0700 (PDT)
Received: from mail.netability.ie (mail.netability.ie [IPv6:2a03:8900:0:100::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67E6E120099 for <sidrops@ietf.org>; Mon, 7 Oct 2019 05:31:57 -0700 (PDT)
X-Envelope-To: sidrops@ietf.org
Received: from crumpet.foobar.org (089-101-070074.ntlworld.ie [89.101.70.74] (may be forged)) (authenticated bits=0) by mail.netability.ie (8.15.2/8.15.2) with ESMTPSA id x97CVqHA084851 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 7 Oct 2019 13:31:53 +0100 (IST) (envelope-from nick@foobar.org)
X-Authentication-Warning: cheesecake.ibn.ie: Host 089-101-070074.ntlworld.ie [89.101.70.74] (may be forged) claimed to be crumpet.foobar.org
To: Jay Borkenhagen <jayb@braeburn.org>
Cc: SIDR Operations WG <sidrops@ietf.org>
References: <1CF3E143-98E7-4B66-AEE5-02617A639BCC@nlnetlabs.nl> <CAEGSd=AH5hNf4vm=f4ztcMnDDrPLxE-tZoHHjmcWDO7OVo5pxQ@mail.gmail.com> <m2sgo5zad3.wl-randy@psg.com> <9579DFEC-6653-4CD2-A4DE-2DC5B7427782@nlnetlabs.nl> <23963.10240.12287.137386@oz.mt.att.com>
From: Nick Hilliard <nick@foobar.org>
Message-ID: <29669e33-2ae9-1aab-0cf2-63e9d0f3857e@foobar.org>
Date: Mon, 7 Oct 2019 13:31:51 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:52.0) Gecko/20100101 PostboxApp/7.0.5.2
MIME-Version: 1.0
In-Reply-To: <23963.10240.12287.137386@oz.mt.att.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/IjgXmY7qievWJS95ALArJGVldJs>
Subject: Re: [Sidrops] Minor comments on draft-ietf-sidrops-aspa-profile-00
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Oct 2019 12:31:59 -0000

Jay Borkenhagen wrote on 07/10/2019 12:56:
> It's critical that users of ASPA data operate using a complete set of
> an ASN's authorized upstream ASNs.  The simplest way to communicate
> such a verifiably-complete set is to use a single object.

bits of me agree with this, but other bits not.  It's shifting the 
problem from an RPKI database synchronisation problem to a 
human-oriented data synchronisation problem.  Both are hideously 
difficult problems to solve, but the one which involves human input is 
almost certainly less reliable.

Nick