Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxlen-08 - ends 25/October/2021
Ben Maddison <benm@workonline.africa> Sat, 11 December 2021 13:37 UTC
Return-Path: <benm@workonline.africa>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 689263A07F1 for <sidrops@ietfa.amsl.com>; Sat, 11 Dec 2021 05:37:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=workonline.africa
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JwlE7Dh5E1WL for <sidrops@ietfa.amsl.com>; Sat, 11 Dec 2021 05:37:43 -0800 (PST)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70085.outbound.protection.outlook.com [40.107.7.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 049F53A07EB for <sidrops@ietf.org>; Sat, 11 Dec 2021 05:37:41 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NLUNUREPCDxfLdZELY6P2C2wmDl0ltTUgI0KLYv17QK7yPnMEDbdBCk1m/lGzZNNCzoDrlGb12eLF0zos8pTEV4K6l3aFIpxswlkv5DveoUKgOggZ4ZZOL+g7JFpT6Xobu74Yn5idFQPwCf83gAvGlKKIoLbObe39cLLSM3qAcRV2eUTjMZWbaQeqlTXIJ5EmyUgOX/rVFjW3431od4+IoHYyDS2tNohggY+V/Cyg/NXucf0638SYOOaylgfPcbEW1J6BI7e6b2Yxt3iwLuwyssoS+35hoJdbmseBiC/RtqQE2Fh+CyIKOyfBaBOGgkI6lkw0BAGYSm8wU6cfYwu2Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=37KjLBFVKq5LOa8XoIaseFJmbFuhJ7YbWlHYM/kZ880=; b=hvv2uT3C1DgDARgPCaZjW1bwLnNykLEIKH2wptrD2YgzgclPi6vH6CiPa7fcbT3BslSMy1FzrFuAV/Xnqa91maPMUeK8VTzAzV9/R1e+tfZhv6nbXrLgKJVt5ZqvaRefkPM7BBoD6Nb6hb/XxaUIiQCSqG4NCyPZidAGk59d+/DAT1s9DM1Bx5JTbT8ATBo1Ru1Q5RedM4ziqrlc9BxsfN7yCK9IAPqr5mj73Ucp/2YIgnuQ6BiFS02glEl6ih7vY9VT/3ugF7jPTYLp1ASgx/zqT9mHtE9rvo/bIaO3vCVp7MO9CPoP4kzbPuvk1gDlJueNaik+JfgCzLj7aXtt0g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=workonline.africa; dmarc=pass action=none header.from=workonline.africa; dkim=pass header.d=workonline.africa; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=workonline.africa; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=37KjLBFVKq5LOa8XoIaseFJmbFuhJ7YbWlHYM/kZ880=; b=duRfivmGGCEbzNOL68sCLCck4W2qct3Be+HD3yGR+E4JQEENH+P3cd7wnafU+hKFPmZgNLN2WY03nQ3gef/9Z3eJRNxmZtZTz/X62ZIy7I8ejIsMqMtlW8kkljzeaYSMTC/GMPyHuqcAraG6lRV7w2Ao8YVLNUIzowZxlKhQIvc=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=workonline.africa;
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13) by AM7P190MB0757.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:11c::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.13; Sat, 11 Dec 2021 13:37:35 +0000
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::a079:73c5:8443:3068]) by AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::a079:73c5:8443:3068%7]) with mapi id 15.20.4778.016; Sat, 11 Dec 2021 13:37:35 +0000
Date: Sat, 11 Dec 2021 15:37:26 +0200
From: Ben Maddison <benm@workonline.africa>
To: Alexander Azimov <a.e.azimov@gmail.com>
Cc: Job Snijders <job@fastly.com>, "sidrops@ietf.org" <sidrops@ietf.org>, Ties de Kock <tdekock@ripe.net>, Nick Hilliard <nick@foobar.org>
Message-ID: <20211211133726.3tg4qo43cyrrdk2j@benm-laptop>
References: <00E18520-A535-4CC8-A287-56FB2F164E14@nist.gov> <5B2CD457-E376-4B8C-B901-202ACC4C465C@ripe.net> <a775bf84-29a3-45f1-08f5-a6728cf11bc3@foobar.org> <CAEGSd=BvEhaZyqE01hCBYwafZH5Z1-6-0eYbRL-AD3sURe4STg@mail.gmail.com> <YZ4XMQKHI5ZlLAui@snel> <CAEGSd=B2HE1Yqv-eyws=8xbjkxAnC8-pWWF4zveNCSJ++7q7fw@mail.gmail.com> <20211208120944.5oq6o2sr6m6xzq42@benm-laptop> <CAEGSd=BdohzVk7xBcYpp7e=_nn6jvRJ83pUNXQoY0tPvK3nTHg@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="c5clandeiayqlu2y"
Content-Disposition: inline
In-Reply-To: <CAEGSd=BdohzVk7xBcYpp7e=_nn6jvRJ83pUNXQoY0tPvK3nTHg@mail.gmail.com>
X-ClientProxiedBy: CTXP275CA0033.ZAFP275.PROD.OUTLOOK.COM (2603:1086:100:1::21) To AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 6fc8e8f4-cd59-4115-bca3-08d9bcab63a8
X-MS-TrafficTypeDiagnostic: AM7P190MB0757:EE_
X-Microsoft-Antispam-PRVS: <AM7P190MB0757AC0CF9F152A0F7F0FF12C0729@AM7P190MB0757.EURP190.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: dniX3MXgfXtfQ+e8v9l9Z3+ATExtdvbqJS5z4SBlSV2kNfUkvVyPoQ8GqvPyvfB8d8ilUJ9EHb98RKwfpL0OojUx6hWnXKJdM7aPAg2DZizDUuQ0mhEiuy2/xz85+iL/LOf5zboOwgzWv3JyNClBP1UZTb7TM3iU8wMF64a2FbkeraecmBlhHlsigXESpVEqbuQxlHh6NAs1T7K5UyPwA8EL37umCP/mR0sBJNvK9NEDgl+er62gVTw8Qa+C9wwpGQAqE4/DsPbGW9cPwD+IQj6kK4fhEHDOI0b+H+z8ZFKA72uO8Pt/Y4+A42gSK0YoAwFN1KnjUXyRHfJyD1iZ/oSt9qhufw9XY0/VeQfCH9DteMghwE5FY1o8zUTvAknIjp+IRkJJbsuLQdI7MNzamEypINi3e/bBDsefF5Txlpf/yBRQbsWVO6yfZ+grC2d5nMxlaWqTXaIrd6oUj46+TNgGSPqBlWrcsDsDCQ8ig4o2MWE8IWNo2aJmXnb2NglvfVj1rdtMcnt2Hjl/93lN7IesXi8znKFGSjKc7UXNAPl7lFGn9eyqgvTOZO3PGTqlEuZYBQDppwGyFnC3+sc3xmgQqCqnHaqHQj9KEa2oar38KWGETbaKAimFp0KQBWravEIjraAtBqRakBvIUS5zexqCa9TyxvC5aa5SMnA6LfzFMDSNgYTziAmh4Rx3l1PaKRzgA6FR2XaZCaPuSlNd7Rd4UyIzMeeS9h88e8hJ/6nptHticB76r54fpm/DM5IW
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AS8P190MB1078.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(7916004)(366004)(376002)(346002)(136003)(39830400003)(396003)(6916009)(4326008)(52116002)(508600001)(44144004)(66946007)(66556008)(66476007)(1076003)(6666004)(26005)(6512007)(38350700002)(38100700002)(316002)(54906003)(9686003)(86362001)(21480400003)(8676002)(5660300002)(33716001)(186003)(2906002)(6486002)(83380400001)(8936002)(6506007)(46492014)(2700100001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: pgg8cLaaTkbHFl8rgcafYfg6z28t6JXD+6/j728vJK0KGyN5UDmxRga0WHS4gZV+JDnLPoC+5mXkOHHYizwK1043p0Uq1gbWiKLNUdfiNB45wdjZW2/uSSUrXbnlY7NCy5rKgId5EiJ1QUphocny4i9DCCRytAzjG/ojuu0NkKVLCmcpixgqnIr9pBWCs42hQEKfj/Uridh/sOHGX35keHfckiDBH3QQRmvzZpYfNIppzYGJUt9p0LCMkxmfbk+yg52TatnJaefpDEJJXunLP3KMLyagsFe1zCifmEJTxVbBGxrzSxgkKM7yQW92vAsT82op0ttsV19gF+0IYgmAXpxZEPFrK+w0fKSL68hRVZGhUtySR0P5kpB1q6wIaVyUCcJP7SNV/xt+kcOSgY4qT32l8r7EgJ6JvJZwL4akfYx72mYOtLHI3BfVLzd7LaYZKTDJ3J9+IHqg48FHJrMXZzf+QQZzaLoFBZm21CydMXzIQF7YSe8clFhCOJWqQ6Wcc7gsGKmQO/Cyo9HrjbrsBjQvJAeD0HVBWkInNzetqwAvv9yg4LdYbmMmNrjuyAbGJOtGthOSzd4JzOUVSmRnGg9tkzXddrLkFC8hq4I5EcHkD7ibdnCBDN9P381jJJSP6jwtLD+KdhS6PtdMt3EgR06ADvsqAlQtVkcQn1JyOiN9Xhxo9JcOOoEBCOkBIGc+emGE0gKv6mfLUbkj+er4rdXQ/BsxKiCssAGgkNHrae+5WFzaNjEMe/YVZYbG0QOvq09K1WnPhhpOM8/ywf7KOoVELII3l4slUL0UcS4kPl99ecgflBzCgsoS6fUk/5LVZ2GbePOSGBrZ/38oMqhuL3EJsmwFXKha3hQ/W3yzcJ9tRhoOERrDZuysbak0bQqNfoWAXzOKGDS+UzSA+HY+knZfwXU267nKaziZTKSZg2Wb110MnGv87dqMAXXME5AWMh9D0nqSFXeJKoa1ha/CV8z6YvCMhmEvSbjSWlFnJKbIgHJ4uM26JE5mh3Lg5VnxmvqvXwbWm3BrHTVFjRa9TNhbPVFgJGyLnSnGZkQqNKqDcE2y0EiYA5f87yT2taS4E5LdXDeVGaPLy1tMJE1O0Xynz8ta0ZIjZv1Tn7usLjlR1RTt8uoEshX/M9bgEVoGRzCbmnss5sK1bPraE5YYOP1nvHyY0ekx8ANgGag2LNDoio62qWdFeEMAAna7XlXqPf6XCyPlSpiZX2VE6psI079/D6hx/KGflESDm9Td5kKsZ/GQOfpw5mfOEdDsaFin4PS8DTZgkHTBJyDlqDd1QhNFwTAyzPFSRr+n3AF5PxngziWKJEKlP2rfNHXLm55n8skin0gzDqPCikcT+SX2dwULHseWGPGmrnP+IbqQONO7ABw9/U/qQNe8dmWntwLBYsvLTk54QPPNVwrsw/Lgr9l+uznT53vef4D/Ta/WMkeQYVJiO1RNAM1OWYDKA1lRns0fo0PmEvtPeMZC/9Rl1Prp7M7hJoJrfeTMBK3OxWknoujubac/TWkpK5yLcNEqMjpOoIUub6B9+SyfaGIkiKXWly/r74sHaShMWl2jxdIVilhBuIn+dnyvifJas8l5+Rmg81C2Nz5S6qNZTcVd41ZluoQSDOYnA1oJfIAHnpo=
X-OriginatorOrg: workonline.africa
X-MS-Exchange-CrossTenant-Network-Message-Id: 6fc8e8f4-cd59-4115-bca3-08d9bcab63a8
X-MS-Exchange-CrossTenant-AuthSource: AS8P190MB1078.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Dec 2021 13:37:35.0036 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: b4e811d5-95e8-453a-b640-0fba8d3b9ef7
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: iRR32QTXiFMCG/YTc8TrdxNN++T8BS6HvuGfieSI693FC5vLWLPppDNp5F/jrXYh+xtuvArdE52y3vSeU1FfMA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7P190MB0757
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/PIWo1uwqTx4fVTpguCf9aqUj-5A>
Subject: Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxlen-08 - ends 25/October/2021
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Dec 2021 13:37:50 -0000
Hi Alexander, On 12/10, Alexander Azimov wrote: > > > [...] > > > > > > Let's elaborate what kind of events we are facing at the moment. > > > The majority of hijacks and route leaks are mistakes. We can assume that > > > the difference between accidental and malicious hijacks is absence of > > > forged as path in case of accidental events. > > > So, ROA with ANY prefix length is good enough to limit the blast radius > > of > > > accidental hijacks. > > > > Only if the origin AS of the hijack route is that of the hijacker. That > > is not the case for all mistakes (Noction-leaks, for example). > > > > Minimal ROAs are the best current initial line of defense to such > > incidents. > > > I agree with your point about Noction. At the very moment, we don't have > any other technique if forged disaggregated routes are leaked. > Though it is mixing up route leaks and hijack problems, and there might be > more suitable solutions for route leaks in the long term. > > My point and my main concern grow from the fact that Noction-like incidents > don't present all the scope. > The incidents that I witnessed were results of redistribution of static > routes with Invalid origin AS. I hope we can agree that for this kind of > incident the length of ROA doesn't matter. > Yes. We can certainly agree there. However a substantial proportion of the wide scale incidents that I have seen in recent months have been such events. We really don't have a good defense to these other than the ROV length-check. > > > > > Unfortunately ROV deployment isn't at the level when we are no longer > > > affected by accidental hijacks. And the best option is instant prefix > > > deaggregation, if it is possible. > > > And I hope you will agree - the time is precious. > > > > > > Now let's discuss how the recommendations from this document may > > complicate > > > things that already got nasty due to the fact that your address space was > > > hijacked. > > > > > > *Scenario 1:* > > > Being a proactive and BCP aware autonomous system holder, one may add > > > egress ROV with strict policy to drop Invalid routes with an exception to > > > blackhole routes. > > > In case of a hijack this good citizen will have to relax it's routing > > > policy/turn off ROV on egress. It is still not that bad, but in huge > > > companies with complicated access rules to devices, it may still take > > time. > > > > > If your neighbors drop invalids, turning off egress ROV doesn't make any > > difference: the update gets dropped on the other end of the wire. > > > > If your neighbors don't drop invalids then this can be done in local > > policy using SLURM, in close to real time. > > > > In either case, this is a red-herring. > > > In this scenario, I was supposing that ROV is done on egress and is absent > at the ingress of the neighbor. > And, yes, it can be done using local policy, but it may take time if this > scenario is not thought out in advance. > I wonder if you want to cite it in your document. I don't see any > references to rfc8893 at the moment. > I'm hesitant to add any more length to an already lengthy document. I kinda think this should be fairly obvious to an educated reader. What do others think here? > > *Scenario 2:* > > [...] > > > I think you missed my point in this scenario. > Yes, Sriram pointed out to me that you were considering competition for path selection inside the intersection of Y and Z's customer cones. I missed that previously. Apologies for making you repeat yourself. Viewed from this perspective, this scenario is simply a variation on the one that lead to us adding section 5.2. In this case the defensive routes are hidden because of differences between local-pref in Y, but the effect is the same as if there is no adjacency between X and Y. I stand by my view that, in the general case, solving for this creates more risk than it removes. But I also appreciate that this general guidance is "general", and isn't necessarily true for your employer, or those with similar topologies... > [...] > > I can imagine that for access providers the list of 'important' targets may > be quite small these days. > But this view can be very different from the content provider sude. Last > time I made this math I had 1000AS to cover 80% of egress traffic and > another 1000 AS to cover 95%. Yes, the same distinction occurred to me. This phenomenon only occurs when the networks that one cares about are not directly adjacent to the hijack victim. Most content networks with which I am familiar have very high external interconnection density, and are usually only one AS away from the other end of a TCP connection. This would make the above much less of a problem, and perhaps explains why other CDN ops people here seem less concerned about it? I wonder if you have looked at how many of those ~2k networks you are directly adjacent to? > I hope you admit that makes 'some' networks care about the customer cones > of their peers. And as far as I know, these networks are primary targets > for Noction-like systems. > > [...] > I hope you reconsider. Let's try to find the golden mean between our > positions. I think that we can resolve this by explicitly noting that the "general" recommendation of section 5.2 will not apply to everyone. Something like (section 5.2): 447,451c447,452 < victim and hijacker filters ROV invalid prefixes, it may be the case < that the existence of a minimal ROA issued by the victim prevents the < defensive more- specific prefixes being propagated to the networks < topologically close to the attacker, thus hampering the effectiveness < of this response. --- > victim and hijacker filters ROV invalid prefixes (or where path > selection policy within intermediate ASs prefers paths learned from > the attack source) it may be the case that the existence of a minimal > ROA issued by the victim prevents the defensive more-specific > prefixes being propagated to the networks topologically close to the > attacker, thus hampering the effectiveness of this response. 453,455c454,456 < Nevertheless, this document recommends that where possible, network < operators publish minimal ROAs even in the face of this risk. This < is because: --- > Nevertheless, this document recommends that in general, network > operators SHOULD publish minimal ROAs even in the face of this risk. > This is because: 468a470,480 > > Some operators, however, especially those that are topologically > distant from traffic sources that they consider "important", MAY > legitimately prioritise the ability to defensively de-aggregate above > the protection that minimal ROAs afford. Operators making such a > decision SHOULD carefully evaluate (insofar as they are able) the > filtering and path selection behaviour of ASs in their vicinity to > determine the extent to which the aforementioned risks apply to their > situation. Furthermore, operators SHOULD continue to re-evaluate > this decision periodically in the face of continuing deployment of > route origin validation by other ASs. Let me know if this works for you? Cheers, Ben
- [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxlen-08… Keyur Patel
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Job Snijders
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Ben Maddison
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Sharon Goldberg
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Borchert, Oliver (Fed)
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Ties de Kock
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Nick Hilliard
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Amreesh Phokeer
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Amir Herzberg
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Amir Herzberg
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Alexander Azimov
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Job Snijders
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Alexander Azimov
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Job Snijders
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Ben Maddison
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Alexander Azimov
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Job Snijders
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Ben Maddison
- Re: [Sidrops] [WGLC] draft-ietf-sidrops-rpkimaxle… Job Snijders