[Sidrops] Re: WG Adoption call for draft-sriram-sidrops-spl-verification - ENDS 06/03/2024 (June 3 2024)
"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Sat, 01 June 2024 19:50 UTC
Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AC77C14F5F7; Sat, 1 Jun 2024 12:50:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nist.gov
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hngFsbT5xmjN; Sat, 1 Jun 2024 12:50:34 -0700 (PDT)
Received: from BY5PR09CU001.outbound.protection.outlook.com (mail-westusazon11012008.outbound.protection.outlook.com [52.101.85.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61C1BC14F5F4; Sat, 1 Jun 2024 12:50:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aLI9j63jJWHf3wkeblYWW8bXiWixsA8lvOOAG7JjWcSFWu1e8nbyL0FoQ0IPcwIHbjua+vWNGZH8Hjcm6JKNGXXbztOFHevb5hTmHLV1jzgRzcnK+t104SmxZEmk3IvuMwvXVtmrrTVJgdrtDPiTwuoE+JRfkADoDM3PH98z08yrGU0Dc5YiCAru/9tH66iiX2I7LWsB8X+u4OjGD2NklL3GsD5aC7+Ljbv++yg5kGf8mS5B33DsRno+Mgs7hdJunbyF97cwzPpEDwwOfyOVg1tPk4xJk9v4O5kHSEcos0fPdpdlYtzV0QXcXzs0ShGy+GDxxfOqmJgf+xgkzUDZPA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+shHRROspl7NDz7q2aaM2SLIR6ml6tVWou+GdUGciKM=; b=f7HF9p+AxhKFzUWkBQBOO47R6KzACqTXMbPYtw/1rXLQjt3mdy0x0vuVf2RK8AhJ76RsaCgjpyBYA/G0n+/CJNI5VE7WfywuFO/REZexfbBD5FTszXo+g1Hmn0ZiIO+tPPbUdD98UtBiGxF/DflJ2gKpXe+Z41+7CnYXRx+Xor8me8WN9laomTx+2pAZFJax8165+85pKS8ckycBiqecV4HV7mlhgRt5pTUHlknHx8ShSQNjFYgFounGAufJmcNQdYORL0hUY1ilvBvnw+VktoJmtdNEnFDLBkWP6vpnsV0oX+Zr+/QPb4qQs9Fn2RS3ASsMkcFGW0QKDZlK3d/Ztg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov; dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+shHRROspl7NDz7q2aaM2SLIR6ml6tVWou+GdUGciKM=; b=zLGzb4T1tIlGVY25g3BhEtgNYCkG+qLTHK5DvVCeRVW2GXHor79Yo5g9cv/4QE1yFsSxxUlCQNRdA9v3bZQ2JoqUKjxap1hxAgfuyBv33tJWo/3RiMPk4OtCw6qjkW5p+TK5SdW/QcHdsIbJRbWuWwKlZNga/VOarGmeSZ5wIKk1rjHoSyQmcKI753mbT7A3QUd694uRy+NqQOkZCL1pY2K7nfjDkmU2+MUd3Mh39yYIBJhztWISRpuD095bjiwtHEEfVLIzmEIN72ocZERTW1+DxIDGVyHmJHUumCM5u41KRw1UDBXXtlpRN734i4ahsEPVbuFBrjxt1UHnyVWRPg==
Received: from SA1PR09MB8142.namprd09.prod.outlook.com (2603:10b6:806:171::8) by SJ0PR09MB6366.namprd09.prod.outlook.com (2603:10b6:a03:259::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7633.24; Sat, 1 Jun 2024 19:50:31 +0000
Received: from SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::504f:d20c:9137:39a7]) by SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::504f:d20c:9137:39a7%5]) with mapi id 15.20.7633.021; Sat, 1 Jun 2024 19:50:31 +0000
From: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
To: gengnan <gengnan@huawei.com>
Thread-Topic: WG Adoption call for draft-sriram-sidrops-spl-verification - ENDS 06/03/2024 (June 3 2024)
Thread-Index: AQHaqm7YngWOUGzeEUmaVQKZf+T99bGyzsvggACKBOA=
Date: Sat, 01 Jun 2024 19:50:31 +0000
Message-ID: <SA1PR09MB81424C5DF7A91B43CC1F046B84FD2@SA1PR09MB8142.namprd09.prod.outlook.com>
References: <D20B81DD-3BAB-41F2-A1B5-5EE9553820E7@arrcus.com> <c7a0349b084445e2ab5ce381f9706396@huawei.com>
In-Reply-To: <c7a0349b084445e2ab5ce381f9706396@huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nist.gov;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SA1PR09MB8142:EE_|SJ0PR09MB6366:EE_
x-ms-office365-filtering-correlation-id: 46305e79-a0f4-4767-8d6f-08dc82741806
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230031|366007|1800799015|38070700009;
x-microsoft-antispam-message-info: 1GpJmAE8jR3jbfnjtVEayH3uOJiIivSAo5LRlGlF56eAkYxF5lJ+h6CtqRKeg0uLECgjcCShuP4xk7aR/w8+PVj7px/Qz25zfN9TkI41tuZYpJnSPH/xWJB+ZTvb9nh7j2EpWwKRYokuN0lmI3c1kxQYEzChetOfRgcNNvrC4hro9E3qAf9ULhnoFPtU/PIooSnl6OVWaAicL3KAvPqNbSTaILTUG4RktXKzmdUxbHtuiafZBL68T9sYQzLR4gnoscbX60FoHB/N0U8futnrS/WhpWiHMry9Ez/6ac/TuiTP7PQkgV7caqLPBKZOEp6ES/fjEsbar9QBTpQ661B4fNP2qXTbOVWiLzpcJvba73XqajhtNjNADBymgDwO/kyPKufVTsqqxTG+1UMvN+eI3ktb9JFYUunI1lj6XtMTjayjYpJdu+fft9+dZuk4wmEJaAyuahoXluGRbCkyeNncv1rdiDIJfCIORpFfHCKyS1QdMar4Hjkdb1MWQQ+GED/xLnKRVbxO3T88VxC1d+83+EJOenWUJzEV0JZNQTiEBh8UoTLbIoqwFrujSgcEg8Vrciw4WyfWf2+aSUoxU9ERHPETb9EXTlI6B6uwcGg6u0B57KKsHf9noFCY7a6g12tLLSprq7yTXk6tGJ/MIj4EQJUxGDjtVkqbBrFgUf1zwyEuSAXAEV11f5bdsX8UaDBMaGyalwZ4qIsG/h+1DH76TFljeMv0zSfo+Uxucg3rNlj0rP8IbIydWuUDDoi7FN0dAcMmFiWjfjw0g50e85IJvsNyKTgqRTafZJCpNh/SoU8PV+PCY8kvpMhPsUlIBKYwHx2Md7zFoAoPHS0YfVA3mOqw28FQ1ZG7yLDjzAe0bZo/sZb9v8Jwt92XEitVjhEl+3GP6a1b87GVX2kU2BtFzAwjkIv7EM1fev0ATK1vp5EtaPxwU2j8A6ux5ZX2F+uUJBtP/r2lyM2bn0Ttyld+0nAEkR3HiulV4h5XEV4yejfVxx2Hka96z32jBqWbXENEGJfjYCFU2A/WLU1Nc75oqabBHhXVCbz415k9CH0MezudlFfgtYJh7RvflVLCeTn0d/G0iYs0TJ022Z+4qcBJH9h+vDfJ1TUYyaaafa8XATde8ylZvOXxQwFIvXMayeD0Wh7FBm2bCdL8ui/Z6h5tHNcyrtU5dzwmPZ5SB5eRygn19BYTsbJLG2IzXpzO4KltQs939pBvKDGXUvL6iOo4/7/Fk4EjouSDjfnOTPdhOW9KGCEe9GT/mHHpFNfPmxghh9RJ7uU7phUTarg1HeeUXrDQLkGwgYXx4Aa9rVAKTnzOvDEQSix0jzU/AxwdOGvDFOd1Q+woakA0CW5fCRPxMw==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SA1PR09MB8142.namprd09.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(366007)(1800799015)(38070700009);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: MhEOu+2i+zP+0knR/U4rfunJtbmZHtc11kCqANi511tipTHfyI+vqPhAIkh02GoIYfMFMPtUu6P5e+3OJzp5rgiWNHMkXbq45cAC4br7iBPSkDOnzcVpCFxIEBDtIbyD4leHJkRYJeGzYNeLYXHtpBrJ+XK7DnUwzgBe/rwvHLYLttpmB3Yh2oEjc9rRdgO1RoldCb40rQlSoKaZ8QKt0prrY45qT3f/BDLlpDKoyFYJak0DNpArRUvqBAF1J5jkOqEyq6UNIl/OuT/g4cJZEIV4jA2hEawIuFAeDqNhpB0Wx+fFFMDj42ZsqP7YHp+NVBHJSaBQuOEcGVOhLw38DbVKqxJQD8o4XGSGwUlbyLHB6WYcQIsNZVOb7ncbKUbW86TkGln6kMyO4Gk8K5PeXMbxBBsfIw3QuGXGYMUcK1NwP5CYPaGeiimoygvrBasM9Vn5u37lNKKKCM85e135eVd71fBam4/KZx8q/2qsxt7UT77JB/n8BmJZ8mOOm0/ucijYP+oRtPNxV/fUSTv9SGd1X4/UvQvWvZsUX6VeVtxQPCwQRuFojr3u+H9QkrWx/ZZzV93uwfv1KpYDAxZYWk3srKWIFObn21bnKGsICQAob20v1W92vNbhZwIggEKBSnckOB1fsFWbEeZIqKpkNtohNP/gly9aQMx7jVOicBWRTpdc2VyzQZj6GWgmf93BZ0iDYAmdkCrRgRdfTPTr2EZ42APSkkirSQkjgtpRtNsAs579vTdR7PPhpSeKhnlBSCh8jNZ4Q2jW4eu5NBBBEvBU09IjKSMIZRoAXzdmAm7oLx4wM5F+0ntEMBnGUWPsHCSLoEGhgj7hRckMjQZ7bavWNmiQwRTNyYq6KNs0i5HxQL+ejCyHB0KYiyBEFYVqYaOubwc7XhoUCT9OMawO1h9yimrAVU4WiEv6nxz/WRvOwMzTlXmZQRGpBHR3J2y0NEbkQwgXVSnZkL6Klm2tHTKGec7g0MtSIWpEiF8OVVCMc4DOygieBsLSTNeRG6i18+TgCb57GF4PkWA4lIl4N1DlExTCqK5OOrKdAFaS4Na60tZ/YjqQBdxwt88dbFrmnZgWYDhgA2P3GnB57lAyq+Go7I0Z3uymb0nXIe4kIJVPJAfkOy5lLL+6W6YApz2o2vXjG2Hnvjqe7RSog4PxUwR9aMyAHR1rHJCOR7bZpS816tkgUmeoi3cVGJKwREeuK7SqH/uGPbJh3XTOYVc4EXw4MKVegqPLH7xREQNTV039FPTwQHtkC12Am0x4KcSDjIB1uuCM03okoOCZv6i2qysSpfLb9MkJKsfTG+1z5RjDfDQN3OC9S0r2m/KrCIT0GMurBBR6qZ9qCBry5lvX9kO3NwemxYnZhnKseivlRfWfYesPcUfciVo1YW0jn7arCcYOUmiYKkLKaKR13KLVHvw+YsrOJjAs2Jt4vk1MRvCaQdnvMryl/90KTOQrINGbox3KTs4VCERRv35e28fkeNTA7JaGYW6xI+1e7jD9bVu0YKPDv8fl+5lyXRTsBSIJfNHsXd6TemLmyaSehvQ96qSrDIyN1l9CdCBmg3wHlos=
Content-Type: multipart/alternative; boundary="_000_SA1PR09MB81424C5DF7A91B43CC1F046B84FD2SA1PR09MB8142namp_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR09MB8142.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 46305e79-a0f4-4767-8d6f-08dc82741806
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Jun 2024 19:50:31.0172 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR09MB6366
Message-ID-Hash: TXTRZVL4EKMCMHZ6WWDH3ORSLGNUUFJH
X-Message-ID-Hash: TXTRZVL4EKMCMHZ6WWDH3ORSLGNUUFJH
X-MailFrom: kotikalapudi.sriram@nist.gov
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "sidrops@ietf.org" <sidrops@ietf.org>, "draft-sriram-sidrops-spl-verification@ietf.org" <draft-sriram-sidrops-spl-verification@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Sidrops] Re: WG Adoption call for draft-sriram-sidrops-spl-verification - ENDS 06/03/2024 (June 3 2024)
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/Kim9YCxSzVg8fTnSgsy5nkrzXMQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>
Hi Nan, Thank you for the review and comments. >IMO: My concern is SPL+ROA for ROV makes the operations more complex. When an AS wants to announce a new prefix, it is needed to make sure that the new prefix is added in the AS’s SPL and the owner of the new prefix has updated/created the ROA for the prefix (especially the owner has created ROA for the prefix). Otherwise, the route of the new prefix may be rejected in some place. SPL object registration and ROA object registration are not completely independent, because the function of them has overlaps and both of them affect validation results. I think we have described this scenario well and made suitable recommendations in Sec. 7.2. Of course, the wording can be improved with suggestions from you and others. Note that the new prefix announcement will not be considered ineligible if the AS has included the prefix in its SPL, independent of whether the prefix owner has modified their ROA to include the new prefix or not (assuming that the “new prefix” has no existing covering ROA – there are separate recommendations for that case). So, the draft recommends the AS operator to update its SPL object and allow some delay (before announcing) “until the updated SPL has propagated to RPs throughout the Internet”. Again, we are open to improving the wording as the work progresses. Sriram ========================== From: gengnan <gengnan@huawei.com> Sent: Saturday, June 1, 2024 7:27 AM To: Sriram, Kotikalapudi (Fed) <kotikalapudi.sriram@nist.gov>; Keyur Patel <keyur@arrcus.com> Cc: sidrops@ietf.org Subject: RE: WG Adoption call for draft-sriram-sidrops-spl-verification - ENDS 06/03/2024 (June 3 2024) Hi, Support the adoption. But some more discussions may be needed. In the draft: “If either the route's SPL-ROV-state or ROA-ROV-state = Invalid (Section 4), then the route SHOULD be considered ineligible for route selection”. “The AS operator SHOULD recommend the prefix owner to create a ROA for the new prefix. The AS operator MUST update its SPL to add the new prefix.” IMO: My concern is SPL+ROA for ROV makes the operations more complex. When an AS wants to announce a new prefix, it is needed to make sure that the new prefix is added in the AS’s SPL and the owner of the new prefix has updated/created the ROA for the prefix (especially the owner has created ROA for the prefix). Otherwise, the route of the new prefix may be rejected in some place. SPL object registration and ROA object registration are not completely independent, because the function of them has overlaps and both of them affect validation results. Best, Nan
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Keyur Patel
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Lubashev, Igor
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Borchert, Oliver (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Lancheng Qin
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Amir Herzberg
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Tim Bruijnzeels
- [Sidrops] Re: WG Adoption call for draft-sriram-s… junzhang
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… gengnan
- [Sidrops] Re: WG Adoption call for draft-sriram-s… gengnan
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Libin Liu
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Yangyang Wang
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Sriram, Kotikalapudi (Fed)
- [Sidrops] Re: Closed - WG Adoption call for draft… Keyur Patel
- [Sidrops] Re: WG Adoption call for draft-sriram-s… Ties de Kock