Re: [Sidrops] Which 8210-bis error code should be used?
"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Mon, 22 May 2023 05:05 UTC
Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16096C1782BC; Sun, 21 May 2023 22:05:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nist.gov
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nVy3Ra7VAbmj; Sun, 21 May 2023 22:05:27 -0700 (PDT)
Received: from GCC02-DM3-obe.outbound.protection.outlook.com (mail-dm3gcc02on2070d.outbound.protection.outlook.com [IPv6:2a01:111:f400:7d04::70d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E8528C1782C0; Sun, 21 May 2023 22:05:26 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Y6oPubhrsKieWHdBiu75QFDOvERZLo5lMa5BXZ0oMmcDYtMe4CuUJBUUfMAW+WaN3SFZLm/RLUfuAoBmj9QNRV/c5IEuwcoIXPOKRETeyCUzGY4Xs+1p8Bw63vey4xYR6etkQ8cKsr6zKt/ICwgXUur1o3GRi4bl/L2AZM5OvNbeKymX6weSzs8XXz3HhG4uaJXjtAfNwtU7shDrK9HOvLBE17p6HWRTlnqQ5D6u2PaKlX5YeW2QXPbp3/HaWF7+5vizdY2eDE7gwLZTqHGAH7LXQRA1w/f+vBk8JN7TtT7nhKOOKEQsOcno382BK/M/6wAv8kpoF2IJH4JJjg1wgw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=B1WsMsKKcg0/F3pQqtxP/Vw318s05Ebp+psBYk0n+oA=; b=mlcr34YQOU2sSY8fEq7SF6bVLay1DDeFcigupSCw2cLaYQl9bqhHqTUSnh+9h/ZVwI4Jrh2VcX2Pbc1ZBbPeQgSKyqlYEVS+l1Cv1h40wt8/fvcwg9M3UkhlJvg5UWwNnXnvpCXKBIzFtyKjNM/emg+1R05nQQpNMMCjiAX+3txsZorRPKfyqADZvceWit71dEheDJ4mQ7/RaThlCAbXThiV190uCBGyIjCNAHGXLxoazHpopEi4+EsNf+NV8H/IlhuVwAvMfNNDKlDhmorXrbQfpUt4e3qshQQ9yhqcXStGidC6SE4C++wW5R9FMhkz5THamUuOkqqw32Yfsq1tjg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov; dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=B1WsMsKKcg0/F3pQqtxP/Vw318s05Ebp+psBYk0n+oA=; b=MozVrhSUtbaObfQmdvOioJDperldl7DMOzXupe2RIXkCoZvBNMCrHp+SVHmn/M7QAPkyCBTydnOMsZqi6CTx+1It4WV7nMZLd/1nKAV3L5RQShbYBFLQYZfE4NCofQ2S6svpgoz8ODjVx2wTH30zkf4rRYkYlDgbdwXRYE7VDlie6GAL1gb20wR2i584eMYu82IhRU66YPuUESy2Vco2c3UqBgY04BXMP/Zt9L4bzpduAMdOdiNX8bz5YIvym2U/DTsEVNF2Yy2+6XniOZqXqYzN6bW0Az4NE/P3BizWQDNh1xTdf/0k+taPmpC9mNUkOqrWnAWAtWWBjt3A2FOfqw==
Received: from SA1PR09MB8142.namprd09.prod.outlook.com (2603:10b6:806:171::8) by SJ0PR09MB8903.namprd09.prod.outlook.com (2603:10b6:a03:46d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6411.28; Mon, 22 May 2023 05:05:21 +0000
Received: from SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::226a:790b:a85c:d03e]) by SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::226a:790b:a85c:d03e%6]) with mapi id 15.20.6411.028; Mon, 22 May 2023 05:05:21 +0000
From: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
To: Claudio Jeker <cjeker@diehard.n-r-g.com>, "Borchert, Oliver (Fed)" <oliver.borchert@nist.gov>
CC: "sidrops@ietf.org" <sidrops@ietf.org>, "draft-ietf-sidrops-aspa-verification@ietf.org" <draft-ietf-sidrops-aspa-verification@ietf.org>
Thread-Topic: [Sidrops] Which 8210-bis error code should be used?
Thread-Index: AQHZjGoouoCCjos6I0abK1swrBoUDq9lu9uA
Date: Mon, 22 May 2023 05:05:21 +0000
Message-ID: <SA1PR09MB814231707524646D651B69B884439@SA1PR09MB8142.namprd09.prod.outlook.com>
References: <SA1PR09MB8142523FA03AC4EA6E0E014E847C9@SA1PR09MB8142.namprd09.prod.outlook.com> <SA1PR09MB814235BE0566A5C6935CF5B184439@SA1PR09MB8142.namprd09.prod.outlook.com>
In-Reply-To: <SA1PR09MB814235BE0566A5C6935CF5B184439@SA1PR09MB8142.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nist.gov;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SA1PR09MB8142:EE_|SJ0PR09MB8903:EE_
x-ms-office365-filtering-correlation-id: f9347a53-2472-4ffe-21ca-08db5a8224b7
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 01pk7Wsr5rxZZqadXQ+PiDS7iNsWZD0YorFzJ0hzvjkxsjRr+myZ/UeWaTdDWPw5deYPgCYqJ4pHibRNCUwXKuKcsWeK+w2utaXH3mFryebhbJyc38hx+n/ZyXY0NaZY7FE5rvcDwGUH8DTuAyr8nkUw7kBPx75RT64XmaJ+9cKvjk1JGcWhus3IWCpFMTX3QzjEvB3nlAL7mqeD5CdJrKN+FrN4ExCL+BmW7C6ulTX6N/PpP/fBRx60vJJE8k5stCJ6C4NMcMXLa3Xoq1AHNMTuL90Nd7AyXItdqzO+Fy5iSo6WiHSxSUpWjC4+KZpTR8LwO8dilhA4xlpLg8J1jZcNYYsrfjRDZvce2MrRl0c48hLZHhTtCeDcDWtmkZn4HcNRBOezXUxHhvuRb+mLpvePhpR16akAFVCsypzrUYcgjf/LcB5CvimCjV+9/iELzVM8p7HRuRYK1cg+34osr0Wsb6hskeg20oWBPMOcmYrMXyUfoHCHuAgqs60KzVpHTL1okOsED8Mqvhm+DlzB3nVB0vdSBDV+hKnfbFV6eCReCQMTW3HTRTWlaIBHnnKMYWa2W87aq859pkEbA274qbGoYDapCXE7lXqOwrA1rCU=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SA1PR09MB8142.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(366004)(451199021)(8676002)(8936002)(5660300002)(52536014)(83380400001)(186003)(2940100002)(26005)(9686003)(6506007)(86362001)(122000001)(38100700002)(166002)(82960400001)(38070700005)(7696005)(33656002)(71200400001)(55016003)(966005)(66446008)(66476007)(66556008)(66946007)(76116006)(64756008)(6636002)(4326008)(498600001)(110136005)(54906003)(2906002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: E8ZewfedoNlsbDO4Y1mblpAmz8lOvNoCO9wFuNBPpjj5YjeyoxMwnoH5OBUKUn931nqeaHAF/oZqhn1QhHqL0apUD5qqY0ppslvyE8K+ff2HK8qKMLnOE63XqKmsWaNm+l0qLHNjbO47MrbAbUjzVfG88xzP0H6jyGF+L7sXmAuAjQ7CAKch/12SgvWcsP2MFVyAIcyQlgsaTyMRkmH8jn/HnK6PVC7qnMktzj0xAMrxpQyVSTn9Th+3jMFVN1NLw/YS53FgQp8wcLErs1ccutl+ECO0HkDtJDMGfK0Sdm1ibr0ub0akrpCmOEPKT5i43bhv2upZHQde/3G8Erd4gQ2kdj9BkM3AuugOwDRQPKUkiuHgHdIbSv5ust8T3h6VGU4EE6H9IRToazlqwOc7Mgnf+coU3i6Tas+SVGTQUJQlMDlRzYqFFWcyf+pAXsiY3iiVlFEHDT9kKRGY3IgKgXWMf/+BcL1cIFxkRuNT8bce1u7StpAMjucW16O9k5miCpsonvvDju1WRD2W8g1/6ShzSHiIyEV3Pp9w8x34IZhJepW6dd3pNsHXddqTA7t8O5CHB/i12pJnS6Ks/SF2dHrAj5Pa31LrJ96w2ncXIH8YK02PrtGW5ED0XS3Y4RXBPEHIfBICzBemUs/6iXDxf7owRp2rBrXr5qSzaX/MHZEVZvz/dMxNsLDrPGYXvqtA0PMv1WT4Kq+r7X5GS7UBnjkN+JbL5fWE+hXWVg4BxyLmyW8enPCjJxlT5IDd1SgP+kxfz3sGKb9bGIhXFr5K0uBT/R4Vgq6UxcqIUl2adwrx0cfXHON3Zkpv8xejRKyq01TdZrncsSQNv7lAREA5kaYxyJKG9jZO2uv9TN2WKh2mBAI4w7TnyYXhjmeAhizeeY8YdQCVSG39QWdGJtAVEm7JW9j7pY4m8B80YEPI5t3OOWUYP8MLCi2pgKRiJxI3NIq2MMk5aRM2mdq68mV9abdWkKmG/rHgVfFvGcm3GcER4Y88eIW0HQCvLDd6SmJ7uc5cFiFfF1sURP/pEm5xBdFSrvpHOToc5l5cWnVnoNr0p+CDIoM3y8XyfEO40ap/LWhzzJ2AI8GyhE7b0PkoarpkD8M/AOEKYwh4iWDx6XGLTVRI8jwchEb7BvAhu3SeIUWN2RKJqKUGLudwV9AneygMpne3VpqOdtsud45hor6pX5o/T9BzIws8ryOhR8+AKJRhzUKjklagceuPUJ2mhFGxhpPFjZqeILlanQjuiGBC5VKe7obSP/ySxQWVxMlbSttEid0XSDzIKzZh3RZS6Jk1cXJ1qI/yQQ4yCzdLYlMoDtN4zqF6oUVhu6++VwlekdeC1l9WphnjKM6S5o/4+3fj2OCV2V1wMPQcm1MBoMV/3eRXJ+BNxUnN7o53hXeZVcNKWxbLZLG/IGkDxYxBF8a+PMTe9ITe/nnUGa7Ckd5c3wvW9eWxkYF/IOjmmhuLazxTxLGp3KvtVReRYVWKiHRNBjOZy8koDkVUoFrYxD7/JbCF1r8sHxEhRgTt11ldbJ0+gBu3fHfFkERnMZ62/4uizpBnI8pHRRZMZNPYWjY=
Content-Type: multipart/alternative; boundary="_000_SA1PR09MB814231707524646D651B69B884439SA1PR09MB8142namp_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR09MB8142.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f9347a53-2472-4ffe-21ca-08db5a8224b7
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 May 2023 05:05:21.1254 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR09MB8903
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/e4tIqSHjq_zFSIMl521TOnYAUxs>
Subject: Re: [Sidrops] Which 8210-bis error code should be used?
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 May 2023 05:05:31 -0000
Oliver and I have discussed the issue off-list. Requiring an artificial insertion of an AS 0 only VAP-SPAS for the neglected AFI for the CAS is not required. The verification algorithm (hop-check function in Section 5) inherently takes care of the neglected AFI (absent VAP-SPAS) situation. The previously proposed text change ( https://mailarchive.ietf.org/arch/msg/sidrops/C5newCanz60yBNc6myoEZfQnMoc/ ) is retracted. But a slight modification of the paragraph in consideration would be good as follows: OLD text: If, despite the above recommendations, the ASPA(s) of a CAS includes SPAS for one AFI but not for the other AFI (not even an AS 0), the ASPA SHALL NOT be rejected just for that reason. However, such an ASPA(s) will be presumed to imply that the CAS has no providers (equivalent to AS 0 SPAS) for the AFI that they neglected to include. NEW text: If, despite the above recommendations, the ASPA(s) of a CAS includes SPAS for one AFI but not for the other AFI (not even an AS 0), then for AS_PATH verification purposes, the CAS is considered to have no providers (i.e., absent VAP-SPAS) for the neglected AFI (see the hop- check function computation in Section 5). (Note: Artificial insertion of an AS 0 only VAP-SPAS for the neglected AFI for the CAS is not required.) The hop-check function is slightly tweaked as follows: / | "No Attestation" if there is no entry | in VAP-SPAS table for CAS = AS(i) | hop(AS(i), AS(j), AFI) = / Else, "Provider+" if a VAP-SPAS entry for \ CAS = AS(i) for the mentioned AFI | is present and includes AS(j) | | Else, "Not Provider+" \ This is basically the same function definition as before but makes it clearer that since VAP-SPAS is absent for the neglected AFI, there would be no match in the VAP-SPAS for AS(j) and hence the outcome for that AFI would be "Not Provider+". Sriram
- [Sidrops] Which 8210-bis error code should be use… Borchert, Oliver (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Randy Bush
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Borchert, Oliver (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Borchert, Oliver (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Borchert, Oliver (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- [Sidrops] some wording improvements in draft-ietf… Sriram, Kotikalapudi (Fed)
- Re: [Sidrops] some wording improvements in draft-… Borchert, Oliver (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Jay Borkenhagen
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Martin Hoffmann
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Job Snijders
- Re: [Sidrops] Which 8210-bis error code should be… Randy Bush
- Re: [Sidrops] Which 8210-bis error code should be… Martin Hoffmann
- Re: [Sidrops] Which 8210-bis error code should be… Tim Bruijnzeels
- Re: [Sidrops] Which 8210-bis error code should be… Tim Bruijnzeels
- Re: [Sidrops] Which 8210-bis error code should be… Borchert, Oliver (Fed)
- Re: [Sidrops] Which 8210-bis error code should be… Jay Borkenhagen
- Re: [Sidrops] Which 8210-bis error code should be… Hollyman, Michael
- Re: [Sidrops] Which 8210-bis error code should be… Mikael Abrahamsson
- Re: [Sidrops] Which 8210-bis error code should be… Tony Tauber
- Re: [Sidrops] Which 8210-bis error code should be… Yangyang Wang
- Re: [Sidrops] Which 8210-bis error code should be… Tim Bruijnzeels
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Tim Bruijnzeels
- Re: [Sidrops] Which 8210-bis error code should be… gengnan
- Re: [Sidrops] Which 8210-bis error code should be… Claudio Jeker
- Re: [Sidrops] Which 8210-bis error code should be… Borchert, Oliver (Fed)