Re: [Sidrops] Éric Vyncke's Yes on draft-ietf-sidrops-rpkimaxlen-12: (with COMMENT)

Ben Maddison <benm@workonline.africa> Tue, 09 August 2022 15:35 UTC

Date: Tue, 09 Aug 2022 08:35:07 -0700
From: Ben Maddison <benm@workonline.africa>
To: Éric Vyncke <evyncke@cisco.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-sidrops-rpkimaxlen@ietf.org, sidrops-chairs@ietf.org, sidrops@ietf.org, morrowc@ops-netman.net
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/S6KLEZQZK6Ch2pJdG4Pm9mXpQg0>

Hi Éric,

Thanks for the comments. Some responses in line.

On 08/08, Éric Vyncke via Datatracker wrote:
[..]
> 
> ### Section 1, freshness of the I-D
> 
> `measurements taken in June 2017`, it is 5 years ago. Is the situation still
> identical ? or has there been some progress ?

I am not aware of any formal research following on from the original
paper cited in the draft.

Anecdotally, the rate at which I get asked the questions that we're
seeking to answer has remained fairly constant over that time.

In any event, even if this is a mistake that operators are no longer
making today, nothing stops new operators coming along to make old
mistakes tomorrow!

> ### Section 1, reference to detailed explanations
> 
> As section 3 provides a description of the hijack attack, it would be nice to
> put a forward internal reference to it in section 1 (after the external
> reference).

Agreed. I think the correct place for the ref is at the end of the 3rd
paragraph of section 1.

Please confirm whether this is what you had in mind, as I'm struggling
to see where you intended to point with "after the external reference"?

> ### Use of IPv4-only RFC 1918
> 
> Rather than using RFC 1918 network prefixes instead of the documentation ones,
> why not using the IPv6 documentation prefix ? After all, we are in 2022 ;-)
> BTW, I will really appreciate a reply on this (was about to raise a DISCUSS to
> ensure getting an explanation).

I made exactly the same point during the early drafting of the document.

The argument from one of my co-authors which eventually persuaded me
was approximately:

The intended audience of this document is *not* those operators that
are 100% current with Internet standards and best practices; rather, this
document aims at those operators attempting to find guidance on a
difficult topic, without necessarily having a deep understanding of the
protocols or systems involved.
That audience is very likely to be less familiar with IPv6 than IPv4,
thus presenting complex examples in IPv6 is less likely to result in a
clear understanding for those readers.

I am interested to hear your thoughts on this.

Cheers,

Ben