[Sidrops] Roman Danyliw's Discuss on draft-ietf-sidrops-lta-use-cases-06: (with DISCUSS and COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 01 May 2019 18:35 UTC

From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-sidrops-lta-use-cases@ietf.org, Chris Morrow <morrowc@ops-netman.net>, sidrops-chairs@ietf.org, morrowc@ops-netman.net, sidrops@ietf.org
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <155673575623.1018.2628095868041430703.idtracker@ietfa.amsl.com>
Date: Wed, 01 May 2019 11:35:56 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/VOfwX3BKhC2jMgfNAYfd5_UQNU0>

Roman Danyliw has entered the following ballot position for
draft-ietf-sidrops-lta-use-cases-06: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-sidrops-lta-use-cases/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

I had a few questions about use case #3.

(1) I want to discuss what I see as a dissonance between use case #3 (Section
4, “Alice is responsible for the trusted routing for a large organization …”)
and the Security Considerations.  It appears that use case #3 is explicitly
describing an on-path attack per RFC3552.  Is use case #3 a use case or an
attack against RPKI?

There seems to me to be an analog between use case #3 and the TLS/web MitM
discussions where the consensus was not to standardize these features despite
their existence.  In what way do you see RPKI as different?

(2) Thanks for the additional background in [1].  More to clarity along the
lines of Mirja’s DISCUSS, I’m trying to unpack the use case #3 text in Section
4.

Original Text: “Alice is responsible for the trusted routing for a large
organization, commercial or geo-political, in which management requests to
redirect their competitors' prefixes to socially acceptable data.”

If Alice is “(us|china|uk|justabouteverybody)” per [1], who is the “management”
in the context of a government? Furthermore, “competitor’s” is confusing to me
because it seems odd to characterize the networks of objectionable content as
competitors to other governments.  I would have read this text as “Alice is a
network operator who has been directed to inspect and redirect select prefixes
to …”.

[1] https://mailarchive.ietf.org/arch/msg/sidrops/qGulOfrDPxXgMC9HLJWpXYeBOi4


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

A few editorial nits:

(1) Section 3.  Editorial Nit.

s/There are critical uses of the RPKI where a local administrative and/or
routing domain, e.g. an end-user site, a particular ISP or content provider, an
organization, a geo-political region, ... may wish to have a specialized view
of the RPK./

There are critical uses of the RPKI where a local administrative and/or routing
domain (e.g., an end-user site, a particular ISP or content provider, an
organization, a geo-political region) may wish to have a specialized view of
the RPK./

(2) Section 4.  Editorial Nit.
s/(LIR, PI holder, …)/(e.g., LIR, PI holder)/