Re: [Sidrops] RIPE NCC RPKI pilot for ASPA objects

Ben Maddison <benm@workonline.africa> Wed, 14 December 2022 18:30 UTC

Date: Wed, 14 Dec 2022 20:30:25 +0200
From: Ben Maddison <benm@workonline.africa>
To: Erik Rozendaal <erozendaal@ripe.net>
Cc: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram=40nist.gov@dmarc.ietf.org>, "sidrops@ietf.org" <sidrops@ietf.org>, "draft-ietf-sidrops-aspa-profile@ietf.org" <draft-ietf-sidrops-aspa-profile@ietf.org>
Message-ID: <20221214183025.ozl6vt5cr5ikxzyu@iolcus>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/Vskh7NLnw5C3HFntfEkj4plq9w4>
Subject: Re: [Sidrops] RIPE NCC RPKI pilot for ASPA objects
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>

Hi Erik,

On 12/09, Erik Rozendaal wrote:
> Hi Sriram,
> 
> Thanks for your feedback. We've decided to use the terminology already
> present in the RIPE NCC RPKI API for consistency. Since we already
> used "ASN" for ROAs we also used this for ASPA in preference over the
> RFC use of "AS ID".
> 
> With respect to the _afiLimit_ field we felt it was better to be
> explicit instead of depending on the absence (or null value). For the
> CMS objects it makes sense to use a default value to reduce the size
> of the objects, but this consideration doesn't really apply to our
> API.
> 
> The use of _providers_ vs _ProviderASSet_ is more personal preference
> and easier typing.

That all seems reasonable enough to me. I don't find the naming
differences particularly confusing.

I have some other observations though:

- I would call the no-afiLimit variant "NONE" rather than "ANY" as that
  is a closer match to the semantics of the actual ASPA field;
- I would make `aspaConfigurations` a map/object keyed by `customerAsn`,
  so that you get the guarantee of a unique ASPA per customer AS for
  free.
- I would make the ASN fields uint32s rather than strings beginning with
  "AS". The latter are really inconvenient to write types or schema
  definitions for, with no benefit that I can see.

Let me know your thoughts?

Cheers,

Ben
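
An added illustration of the last two points in the message above, not code from the RIPE NCC API or from anyone in this thread: a consumer validating the array-with-"AS"-strings shape next to the object-keyed-by-`customerAsn` shape with numeric ASNs. The payload layouts, the `asn` field inside each provider entry, and all function names are assumptions made for the example; only `aspaConfigurations`, `customerAsn`, `providers` and `afiLimit` appear in the thread.

```python
import json
import re

UINT32_MAX = 2**32 - 1
AS_STRING = re.compile(r"AS(0|[1-9][0-9]{0,9})")  # "AS" prefix, no leading zeros

def asn_from_string(value):
    """List form: an ASN arrives as a string such as "AS64496"."""
    m = AS_STRING.fullmatch(value) if isinstance(value, str) else None
    if m is None or int(m.group(1)) > UINT32_MAX:
        raise ValueError(f"bad AS string: {value!r}")
    return int(m.group(1))

def asn_from_uint32(value):
    """Map form: an ASN arrives as a JSON number (bool is an int in Python)."""
    if type(value) is not int or not 0 <= value <= UINT32_MAX:
        raise ValueError(f"bad uint32 ASN: {value!r}")
    return value

def load_list_form(text):
    """Array of configurations: uniqueness per customer is checked by hand."""
    result = {}
    for cfg in json.loads(text)["aspaConfigurations"]:
        customer = asn_from_string(cfg["customerAsn"])
        if customer in result:
            raise ValueError(f"duplicate ASPA for AS{customer}")
        result[customer] = [asn_from_string(p["asn"]) for p in cfg["providers"]]
    return result

def reject_duplicate_keys(pairs):
    """json.loads keeps the last of two equal keys unless told otherwise."""
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise ValueError("duplicate object key")
    return dict(pairs)

def load_map_form(text):
    """Object keyed by customer ASN; JSON keys are strings, so parse the key."""
    doc = json.loads(text, object_pairs_hook=reject_duplicate_keys)
    result = {}
    for key, cfg in doc["aspaConfigurations"].items():
        if not re.fullmatch(r"0|[1-9][0-9]{0,9}", key):
            raise ValueError(f"bad customer key: {key!r}")
        customer = asn_from_uint32(int(key))
        result[customer] = [asn_from_uint32(p["asn"]) for p in cfg["providers"]]
    return result

# Constructed sample payloads (documentation ASNs from RFC 5398).
LIST_FORM = '{"aspaConfigurations": [{"customerAsn": "AS64496", "providers": [{"asn": "AS64497", "afiLimit": "ANY"}]}]}'
MAP_FORM = '{"aspaConfigurations": {"64496": {"providers": [{"asn": 64497, "afiLimit": "NONE"}]}}}'
```

In the map form the uniqueness lives in the decoded data structure; on the wire a JSON object can still repeat a key, so the parser hook is what turns a silent last-wins into a rejection.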