IETF Logo Mail Archive

Re: [Sidrops] [GROW] Any credence to AS_SET in the *middle* between AS_SEQUENCEs?

"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Sun, 24 July 2022 08:53 UTC

Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 462C0C159493; Sun, 24 Jul 2022 01:53:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.692
X-Spam-Level:
X-Spam-Status: No, score=-3.692 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.582, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.999, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nist.gov
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jmGxQ7VsEv7t; Sun, 24 Jul 2022 01:53:35 -0700 (PDT)
Received: from GCC02-DM3-obe.outbound.protection.outlook.com (mail-dm3gcc02on2121.outbound.protection.outlook.com [40.107.91.121]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53B15C159488; Sun, 24 Jul 2022 01:53:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DSX4mNvl8Cb6OWWsaUpX82NrM0TjdLXquBjeAAtD71Vvdf/wJxXtErULDrVvoLF7KscSBQPXT4q1Bafy+y5R/SouNMWdgEZKSWAMf88KrSQ9ZnGjJpkSnUny+hCnjBZ2FDOjW7ChyHubogErT3GAfcNYjH5cGJn0LHoAf25Y2e/1aR8UcpVgqLefAEsTIeLya0TIGfBCOEFoH+24UA8SZRyl/fPfcPkP7fcFewvuv3IHxwMr00FT2Kebm5KKJPfks7C6O/k+Hpx1aQ0wvMyAcvhAU/AHMjnel1xLiWaIUq/xPuJHWsnWvgqhdqoJMXlEQN4RiavWHyElFIgUXp+tjg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JACDbGNDSQSGq709rkDpp8BYiwhsVmdjn+jiL2SrKYQ=; b=GcLmJTf90g5HhDMzvnxv++9B+IQTrSw0RF3ap8ZlURV0KmazJszQNWLj5u+fhCsnwF5NguPSDTIiVLa/F2ZC3B2MU0gv11/OCejnqFDiseiyi8Fqxh3VgKI8MeWxsrdtgri21AZ8KreRD81jgl6eyMdxkP2/sJg5zzxpPyaxzvqcbwI3qUXyuji1ld2Xs0MuXf2/zWMyaF8JPGqoGVEPLSlW4gmHHL4svMdkiQcciE+Zru7RwTqp+JUt6o/+mh0ugpgmSJZw5CjFVuqUyyRuiVHgUyhx7qkJGOBb94I7Li+3SYNUwRyggW/SxtYBeIKDFoQpM7FBOo0dS1CCAWXhPA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov; dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JACDbGNDSQSGq709rkDpp8BYiwhsVmdjn+jiL2SrKYQ=; b=JSw09RP90n9AIiG8koSdtP+kTe630gVO3wL/hzTJSCtEQQshdNVppr4zX9t2j0NncFS85oA3+2JP0tfHHpYC63fLubyDk+vNQNxrqKPDBFpE9VQ7L3ReZPZAAwr6ZsJvnSVDKobS8QOimTolyKbuzTkFuFTOpn8vJH/tunwCynU=
Received: from SA1PR09MB8142.namprd09.prod.outlook.com (2603:10b6:806:171::8) by SJ0PR09MB9031.namprd09.prod.outlook.com (2603:10b6:a03:445::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5458.19; Sun, 24 Jul 2022 08:53:30 +0000
Received: from SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::e468:3642:30f4:8f64]) by SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::e468:3642:30f4:8f64%4]) with mapi id 15.20.5458.023; Sun, 24 Jul 2022 08:53:30 +0000
From: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
To: Randy Bush <randy@psg.com>, Jeffrey Haas <jhaas@pfrc.org>
CC: Nick Hilliard <nick@foobar.org>, "sidrops@ietf.org" <sidrops@ietf.org>, GROW WG <grow@ietf.org>, "draft-ietf-sidrops-aspa-verification@ietf.org" <draft-ietf-sidrops-aspa-verification@ietf.org>, "a.e.azimov@gmail.com" <a.e.azimov@gmail.com>, Job Snijders <job@fastly.com>
Thread-Topic: [Sidrops] [GROW] Any credence to AS_SET in the *middle* between AS_SEQUENCEs?
Thread-Index: AQHYm6b3nHaOc2w6EUSXBKZiVD7GSq2IgsKAgABHaoCAADbjJYAAEGUAgAABYCuAAAUTgIAAAT+AgAQhTrk=
Date: Sun, 24 Jul 2022 08:53:29 +0000
Message-ID: <SA1PR09MB81422706D5E43E581A75E5B384929@SA1PR09MB8142.namprd09.prod.outlook.com>
References: <SA1PR09MB8142D357A98BFAAF206C387C848F9@SA1PR09MB8142.namprd09.prod.outlook.com> <66814cfa-8425-8063-9193-272bc8b28291@foobar.org> <1F8421AA-8514-41FB-A047-EEDAF975B934@pfrc.org> <SA1PR09MB81421D152AC2DA200EDE1D9784919@SA1PR09MB8142.namprd09.prod.outlook.com> <E19A89F1-B892-4D41-99A3-5C551C7FB640@pfrc.org> <SA1PR09MB8142B461A3FCF715071F7EBD84919@SA1PR09MB8142.namprd09.prod.outlook.com> <F02D928E-1600-42C4-B8D0-9A544849A22D@pfrc.org> <m24jzagyi8.wl-randy@psg.com>
In-Reply-To: <m24jzagyi8.wl-randy@psg.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
suggested_attachment_session_id: 94f4d1db-6436-6be4-6247-dc27df651eef
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nist.gov;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 11ef916e-2d88-4909-b486-08da6d51fb28
x-ms-traffictypediagnostic: SJ0PR09MB9031:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: FVX217G9RoYCghfsiDe1GZqvP2+XpsJ1bM/9cq0dZ09WUgqsqoAGrAKBQvlEZU3n9hY4OTFS8m7jPp8I3vw2OlaZMAYXbxm6X3Irc0Pty8r8ncvtnQP+Ff594djr2ITUcM/dVZIBEVbUC1km32WeO0TxxM1Q4Fl7cYvDjJPxrI9mXmOvT6tdzUmFpnUx+RNrkBWPOr3W6o5MvuSuKtfG2imEK30OTxRr8buM5PVwKZRskm7rxqYdWFmV8P5KYYageG9rNvppG6z0BaRRqdYHivRyTxbHmGG5N72tZ+HEppZg24obo8cjiiPJYLvQQUMIAf5h9u9GXMiKq35IGErzNdwh3H8Wv4CAiSKpqkFTl//WSdUloAKPx3G4IcEEfIA/CAiB5642CMobmMgKG23zpCaG6jzlHeKRcUd3yZEsJ6FIPnSCps7/XY+If7YZNBrizIn7PUYlsOU+JuayahS9JLp0m7XKD7xzS4xmTuPzDGNFqTQvRc2jkuhlb2BFwLaJoepzEuLH6A6iFMWcFJ9c2XESleCgf/xbja9AEWZoM5wMNpEfJ2mugHwhsk2wPHJEbHHGGwOMH0CrgA932MgwNqRxULLCVZw7gPD8LSS6BkK+7Il29YIBjA01H5AFBaFEunYYmJny4lnS+aqdBTnJNqEKApF66YdaUoN6TDlnku1V7HxUYMvJodb3TjedhQyl67Zs6xXG5E1NhbR8l7u6+Iit1E8f8akb1CAWPhW67nLDQqh+86yK6zqKo3jy7XauO2As6VY+GqdwAh/HxR97FhNxfjfa2UQZU+kSKgBOL3Z9MwxJEd6/HBDoQz288PSK
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SA1PR09MB8142.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(4636009)(366004)(83380400001)(82960400001)(38070700005)(52536014)(8936002)(122000001)(86362001)(9686003)(33656002)(186003)(38100700002)(26005)(7696005)(6506007)(110136005)(54906003)(498600001)(71200400001)(76116006)(5660300002)(4744005)(8676002)(66946007)(4326008)(66556008)(66476007)(66446008)(64756008)(91956017)(55016003)(2906002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 7wp4aH42o1g9eQDtqQG5nszDZYSq9wQUtOoTkgFMe04kdf/OYdBgw6016djpOMb+G1RvmusjN4EAdr6DZlAmw/rcKlGwlk+1AxE/VtQUgNhpab+QIIN5fia39exmfKy3MkDOjJVkfQZssqrXiYH7Lju2SFA3ShwyBUsjVjPO8BqZ7KZh0epQwA2qGTK4R/m76SeehIs3dHTMBnhJq+8eYYxo4vjaX+z6G21/+zPNCeF4J2hcUcFvGho2120MGxzr6U5zgMpYTbx9jw/Gw7rBDDLN+FuA3n2qpo26hmM7OLrwh2AGKuXrY4VbYCpwJKa6m3/DdU6PaXacrWwZrFi2LmHHM2MP3feK9nTx+/T4VG9GvRr3eliOZCVKTI65HCVTAsEFUkDaTIUXERFPOwXof1XwenJCCQa56Tofx5GrXANqRPnT3/J5UJg7FgwQx6UlpKN8EaqoeOWJZEcmGghy/tmKnLowbskT74WcZPZE8/v71xID5XV80tWro8jWVB6TOLNCqotb423D8vp4wH4NIKxMdjfcOYZEFSk8ney7HFqdmIguGz+E2nPklgYSV3EjkTamf6WCaQq+6/JawnrYofDCe+Y6mOy8vY+3SjAhinbRL2iBeQHhX+nsVfyKcsuEas2XEQMDOP5Mvx0F8nHlbUWMxH3UlgGZDX++M3kfYfpCKm83whLOslQYtZaaSvwJmnbMX7xBE577G98ytlbBt2oYb1SonSf6Mb8Q7A+um2As2S4NAlEJMcDlQU8rLSPcRXo2TIWSWWM5u101t1DaPbRJirXKFtXSorhBUDUPpkPXpbmgQStgbjPF1wX+M7EoWC6CvlMASj+6m/8nVRt1hwJ8DkyClD5MWIEv7oVUoBaKvnCELceDWV89opLBGJ8U8ahrgqhr/dEGM9jUGxFdSM3pWfMLcSwU0jAPu1B4xu34GK3+ecM/g6ANAQ78QAiDw52hhCNEQc42OBBkFrXYVRSLEj/AiIlo1Sf8vYHpI6fg4MW2ZKlL4lzxFvfJu2CDjgFk6sasWVP/QqBtKz3G0ECRuSVpM2dsZyy+GS5D8kdoEXDEiIRgsuIv/vVtRyMhfKmsb6mKFlrG0x7IjkYtjleBXhHnRBSulOLG4go976LtCFXRFyjCxXGlIhMYthrGlVrscQON/1MKTNucTUGF8vqMMPdGtFh6zwIOFwLIXrkLwIyJFmr30Xbv8xYZwpLeq1lvvhhlTGMZAv2QyRpS+Z0YjLxMU+zTkKGEMYYFDNk03kiTzHCsEsEq3bj1uIKnl10ztsncJ9qlE8mUSeU25Y49i4aYGAUyzXg26IFFaej34NXGtd/DGKz0XN7s5kD/nq0TWq1kVDe9yzIsgXtzmn80W2NbkoCueO/AuMmHsQGTsxaabUQFRWAcVDtGfybMJo08RorTvfXjjADWpThx90+PLllvcFk8wORoYD75aZEEGUPtZnUv8AoqDLmfZ0hQSsS0hJTv1Zrq8pL5ln995yOTNdfivwd4wfn2ajM0Mm5jd6ZswA8CfQnB/ERJLpcGzsBGNELGlrd7nVOIYXlDunVxHcpImkhWJKWMwURoMIs=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR09MB8142.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 11ef916e-2d88-4909-b486-08da6d51fb28
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jul 2022 08:53:29.9561 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR09MB9031
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/KWAPgsSTfqwH-3t1b1s7nIoNEA8>
Subject: Re: [Sidrops] [GROW] Any credence to AS_SET in the *middle* between AS_SEQUENCEs?
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Jul 2022 08:53:40 -0000

I think we can conclude that the outcome of the discussions in this thread is to make the following change in ASPA-based AS path verification: 

If an AS_PATH has one or more AS_SETs in any position, mark it as Invalid.

At least four (perhaps all five) of us who participated in the discussion support this change.

Thanks.

Sriram

v2.23.0 | Report a Bug | By Email