IETF Logo Mail Archive

Re: [Sidrops] [routing-wg] misconceptions about ROV

Job Snijders <job@fastly.com> Tue, 22 February 2022 10:48 UTC

Return-Path: <job@fastly.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 143323A0D4E for <sidrops@ietfa.amsl.com>; Tue, 22 Feb 2022 02:48:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.099
X-Spam-Level:
X-Spam-Status: No, score=-7.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nAaddBQpwjct for <sidrops@ietfa.amsl.com>; Tue, 22 Feb 2022 02:47:59 -0800 (PST)
Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65F493A0D48 for <sidrops@ietf.org>; Tue, 22 Feb 2022 02:47:59 -0800 (PST)
Received: by mail-ej1-x629.google.com with SMTP id qk11so41654286ejb.2 for <sidrops@ietf.org>; Tue, 22 Feb 2022 02:47:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; h=date:from:to:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=jWrs2+L8jJlBV6zF5Nxc5UjnmLvZCcSWaN5FtBLenz8=; b=I0dRJIx+7IFex6B9INSi1l92Pe0V5DbKm5PEtLcj0GpkU8tpPcDCX6hBrmPgtQjemd QL7E49nYUmwusimbC3U4HKYuj4Ru38d/pe9OKQImWUGuWhznHmz90OtylAOxzy1KjFw/ WklwMZfNepf+3dYn4oZl9nY5Fkd7EEX+YdXiI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=jWrs2+L8jJlBV6zF5Nxc5UjnmLvZCcSWaN5FtBLenz8=; b=RUD5Ihc2PV90sUPQLXtym00lukO2h7dg0vR9Wtirveh50Ruvimt/I0H5xAFmMmJKpZ SGDY8AKUPMt4pJThaFUmVA6jBEmDuhon9Zvy0CFn6N5ahII7AVbHGyccIP+I92/qkvOX AKlNZHHcVS8aOw6fepdovhFaML1eeU3+rl5rorUB7xyjIVngJude9p3YAGW0H5wLyxWt 20Q1ZlJHY757PxcT2qh3fQG9iNexn//plmw+QES44ffji+PtPj+3v1AG94J6QcT9HE+B e/vrowSsUMRmrbLe45Wzx3LRP25owPM52SR/sGO2ys0fM2iXy1BFkqUIH41X2em0RYi9 T5BA==
X-Gm-Message-State: AOAM530tfT+5sWMYxSyTgEm0X3J22QKFilUMwdMC4Is+5NI/nutoFhml IpIxDrOpsmKD2IVCrFhhLNSHMXMr2Acy57fqOH70zapbo0XXLSirXWAhR2ll0i5DHQ6AsXHyWgX qfyDgL9BQqZlByfeihDlxh5OPf05Crx8Hl9gIbQgrYuuNVSLI+oFx+B0=
X-Google-Smtp-Source: ABdhPJx3ZKaxQ016AIdq2rXylxEPCjJHAzVXvipnMHgTzedatrVR0U4MIeywkDdLT+uEDbRiZvo9fA==
X-Received: by 2002:a17:907:505:b0:6cf:95c:5d6e with SMTP id wj5-20020a170907050500b006cf095c5d6emr18634491ejb.13.1645526875824; Tue, 22 Feb 2022 02:47:55 -0800 (PST)
Received: from snel ([2a10:3781:276:2:16f6:d8ff:fe47:2eb7]) by smtp.gmail.com with ESMTPSA id b14sm6141325ejb.160.2022.02.22.02.47.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Feb 2022 02:47:55 -0800 (PST)
Date: Tue, 22 Feb 2022 11:47:53 +0100
From: Job Snijders <job@fastly.com>
To: sidrops@ietf.org
Message-ID: <YhS/WR3czIP3jNLF@snel>
References: <m2h78roqbp.wl-randy@psg.com> <7FBC2063-2404-4BF9-836E-210629C4BA63@juicybun.cn> <m28ru3ofyq.wl-randy@psg.com> <3C18BA8C-FA34-4D24-96E4-F85644089513@nlnetlabs.nl> <015C9C28-4230-40D8-A9F2-7420B726C00F@juicybun.cn> <DF148DA2-C94D-42BF-A37F-668D9B37860B@nlnetlabs.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <DF148DA2-C94D-42BF-A37F-668D9B37860B@nlnetlabs.nl>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/cRRbl-d6pf0mCuXEMvcfMbIObqQ>
Subject: Re: [Sidrops] [routing-wg] misconceptions about ROV
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Feb 2022 10:48:04 -0000

On Tue, Feb 22, 2022 at 10:19:23AM +0100, Tim Bruijnzeels wrote:
> > On 22 Feb 2022, at 09:51, Di Ma <madi@juicybun.cn> wrote:
> > It seems to be a good idea to do signaling and have a sort of signed
> > object for policy indicator :-)
> 
> I think we need a model where we can have valid/invalid/not-found (or
> equivalent) for paths.

Do we really? Slide 10 "BGPsec is protocol, not policy":
https://archive.nanog.org/meetings/nanog52/presentations/Tuesday/Bush-bgpsec.pdf

> Then we people can turn validation on with much less risk, and people
> can start implementing BGPSec on their routers independently with more
> immediate (albeit initially small) benefit.

I am not so sure about the above, it seems the reasoning stems from a
desire to seek compromise without regard for the consequences of such
settlement. The notion of "less risk" needs to be quantified more
precisely to have meaning.

I understand the goal of BGPsec deployment to be to reject
BGPsec-invalid paths, that's all. If the signatures are trash: don't
accept it, I don't see 'middleground'.

Are there any scenarios in which one would want to accept BGPsec invalid
paths? Similarly, RP implementations discard malformed ROAs, network
operators reject RPKI ROV-invalid BGP updates.

If people perceive risk: don't enable BGPsec, let others be the early
adaptors. It is early days, lots of software still has to be written,
lots of testing is required.

> Note that all this is orthogonal to ASPA. ASPA essentially says
> whether paths are plausible, and BGPSec (valid path) says what
> actually happened.

Yes, the above is an accurate summary.

> Though if ASPA informs that an adjacency is invalid then this could
> perhaps be valuable input to BGPSec path validation with regards to
> downgrade detection.

Only time and research can tell whether it is a useful signal to
transfer from one plane to another plane.

Regards,

Job

v2.8.7 | Report a Bug | By Email