IETF Logo Mail Archive

Re: [Sidrops] WGLC = draft-ietf-sidrops-aspa-verification - ENDS 03/22/2023 (Mar 22 2023)

Martin Hoffmann <martin@nlnetlabs.nl> Thu, 23 March 2023 16:37 UTC

Return-Path: <martin@nlnetlabs.nl>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B95C3C157B45 for <sidrops@ietfa.amsl.com>; Thu, 23 Mar 2023 09:37:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.797
X-Spam-Level:
X-Spam-Status: No, score=-2.797 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nlnetlabs.nl
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id at-_P5T3AJBX for <sidrops@ietfa.amsl.com>; Thu, 23 Mar 2023 09:37:46 -0700 (PDT)
Received: from outbound.soverin.net (outbound.soverin.net [185.233.34.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 67706C14CE53 for <sidrops@ietf.org>; Thu, 23 Mar 2023 09:37:45 -0700 (PDT)
Received: from smtp.soverin.net (c04smtp-lb01.int.sover.in [10.10.4.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by outbound.soverin.net (Postfix) with ESMTPS id 4Pj9xM3G75z20; Thu, 23 Mar 2023 16:37:43 +0000 (UTC)
Received: from smtp.soverin.net (smtp.soverin.net [10.10.4.100]) by soverin.net (Postfix) with ESMTPSA id 4Pj9xM168jzCN; Thu, 23 Mar 2023 16:37:43 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nlnetlabs.nl; s=soverin; t=1679589463; bh=QDYgwQ2om3pu0scc52SYzY2wM13CnQgRQv+McIYU0jU=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=D5oP/mJk/L/HVO4N6ZgB6Vhrj8VPkUD7lM3NOR4c3e+bEPIdhOcJ2jggdcUvMLzVW S14BuR5nbvOR4OhwJXtquC1HMUAhOwL5lVuUmxnNE8YhCY3/UnsAU6INrrzdpH2TyC xb/MApNM11P0sXg05CifPr5u0EL9WNCMAPzITbgSOdCSH9mkSJS/GQQRwhgSHpR7FR s2v4QCNFPlh1XQwYlM24cLXxr8DvNF0U7pExE33RKXhuAfG3TRTVVSt56shCRzWETx Xw/4NKkSN3BU8qv7SPIBqxScdOKOtcVo/hu7WjtjOAiGHLcJJgHjdoT/3tOGm1L0Sp 9Bbns93OGnEVA==
Date: Thu, 23 Mar 2023 17:37:42 +0100
X-Soverin-Authenticated: true
From: Martin Hoffmann <martin@nlnetlabs.nl>
To: Claudio Jeker <cjeker@diehard.n-r-g.com>
Cc: Amreesh Phokeer <phokeer=40isoc.org@dmarc.ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>, Aftab Siddiqui <Siddiqui@isoc.org>, Max Stucchi <stucchi@isoc.org>, Hanna Kreitem <Kreitem@isoc.org>
Message-ID: <20230323173742.2c76d1b0@glaurung.nlnetlabs.nl>
In-Reply-To: <ZBx7DrM3Vjf/tSms@diehard.n-r-g.com>
References: <SJ0PR06MB7677230255CC9134CAF94E98D6879@SJ0PR06MB7677.namprd06.prod.outlook.com> <ZBxfj74YFy/5Fhax@diehard.n-r-g.com> <20230323162051.3069b516@glaurung.nlnetlabs.nl> <ZBx7DrM3Vjf/tSms@diehard.n-r-g.com>
Organization: NLnet Labs
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/OP_ilS0EuQc8fX10DK4dHWehnEw>
Subject: Re: [Sidrops] WGLC = draft-ietf-sidrops-aspa-verification - ENDS 03/22/2023 (Mar 22 2023)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Mar 2023 16:37:50 -0000

Claudio Jeker wrote:
> On Thu, Mar 23, 2023 at 04:20:51PM +0100, Martin Hoffmann wrote:
> > Claudio Jeker wrote:  
> > > On Thu, Mar 23, 2023 at 01:22:32PM +0000, Amreesh Phokeer wrote:  
> 
> Please check how the profile is specified. The AFI is per provider
> AS. So there is no real concept of "only use ASPA for IPv4 or IPv6 but
> not for both" (only RTR 8210bis does that).

Oh, my bad. I must have missed the AFI moving from the attestation to
the provider AS in -08.

> > > >   2.  VAP: it is unclear whether how the VAP will be merged but
> > > > grouped by AFI in the case of multiple ASPAs?    
> > 
> > That the sets of provider AS of multiple ASPA objects for the same
> > customer AS should be merged is only mentioned in 8210bis but at no
> > point in either the profile or verification drafts. One of them
> > should probably spell out how the (on or two) VAPs for a customer
> > AS are to be created from a the set of ASPA objects.  
> 
> In draft-ietf-sidrops-aspa-verification-12 Section 3:
> If a CAS has a single ASPA, then the SPAS for the CAS are the Provider
> ASes listed in that ASPA. In case a CAS has multiple ASPAs, then the
> SPAS is the union of the Provider ASes listed in all ASPAs of the CAS.

I had to read the section three times to find that sentence. That’s
probably because it is hidden at the end of a paragraph that purports to
define a notation used in the document.

  -- Martin

v2.23.0 | Report a Bug | By Email