Re: [Sidrops] I-D Action: draft-ietf-sidrops-route-server-rpki-light-02.txt
Aris Lambrianidis <aristidis.lambrianidis@ams-ix.net> Tue, 25 July 2017 19:15 UTC
Return-Path: <aristidis.lambrianidis@ams-ix.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF1C4131D06; Tue, 25 Jul 2017 12:15:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EYcmeTg-omw2; Tue, 25 Jul 2017 12:15:56 -0700 (PDT)
Received: from deliverix.ams-ix.net (deliverix.ams-ix.net [IPv6:2001:67c:1a8:a101::70]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF1C0127136; Tue, 25 Jul 2017 12:15:55 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at ams-ix.net
Received: from [IPv6:2001:67c:1a8:102:10e2:b570:73cc:c076] (unknown [IPv6:2001:67c:1a8:102:10e2:b570:73cc:c076]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: aristidis) by deliverix.ams-ix.net (Postfix) with ESMTPSA id 5A933416D5; Tue, 25 Jul 2017 21:15:54 +0200 (CEST)
From: Aris Lambrianidis <aristidis.lambrianidis@ams-ix.net>
Message-Id: <23C61E35-DE89-42F8-A14B-4BA4AA68C993@ams-ix.net>
Content-Type: multipart/signed; boundary="Apple-Mail=_13216EA6-C366-42CA-8006-352F70AD6224"; protocol="application/pgp-signature"; micalg="pgp-sha256"
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Date: Tue, 25 Jul 2017 21:15:53 +0200
In-Reply-To: <20170725184527.qyd63ipba2mvyksl@Vurt.local>
Cc: draft-ietf-sidrops-route-server-rpki-light@ietf.org, Nick Hilliard <nick@foobar.org>
To: Job Snijders <job@instituut.net>, "sidrops@ietf.org" <sidrops@ietf.org>
References: <149192729348.15702.14003842869826829117@ietfa.amsl.com> <8EB8DB53-793E-4269-8CF4-6BAB1D2B76B6@de-cix.net> <B3BC1C5C-27AE-4809-82B6-297D090CEF0C@ams-ix.net> <5971FE7B.6060607@foobar.org> <F1D60787-5C00-46EF-BADE-8E68ECDEB506@ams-ix.net> <20170725184527.qyd63ipba2mvyksl@Vurt.local>
X-Mailer: Apple Mail (2.3273)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/fZVp3OlHr0yrinMCXU1FSzmGrFM>
Subject: Re: [Sidrops] I-D Action: draft-ietf-sidrops-route-server-rpki-light-02.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jul 2017 19:15:59 -0000
Hi, Two comments: 1. Regarding transitivity of the extended community: This draft was never meant to replace RPKI. To state the obvious, it is impossible to do so, as cryptographic assurance does not exist for BGP communities. This basically means that any caveats applicable for known (and unknown) communities still apply. At its core, it's merely an informational tag. I would expect it should be up to the administrative authority to decide whether and how much they: a) Would trust such a tag (hopefully not at all if they are far removed from the AS conducting the validation, and marginally, if at all, if they are directly connected) b) Would scrub such communities or c) Would propagate them to its EBGP peers. As an example, I would certainly not consider it a general good practice to pass on such a tag to my upstreams, but I could see a use case in which I, as a single authority, administer multiple (non-confederated) Autonomous Systems and would like the community be propagated across these. 2. Personally, I believe including the ASN conducting the Prefix Origin Validation as a field within the encoding makes sense, for the reasons Job stated. I’ve already committed a version of the draft in our repository to reflect this change, but I’ll wait for author consensus before we submit a newer draft to the IETF repository. --Aris > On 25 Jul 2017, at 20:45, Job Snijders <job@instituut.net> wrote: > > Hi all, > > On Tue, Jul 25, 2017 at 04:38:38PM +0200, Aris Lambrianidis wrote: >> We’re working on an updated draft to elaborate further on the valid >> path hiding concerns you raised, as well as describing a new >> transitive extended BGP community attribute, (instead of reusing the >> one described in RFC8097), based on Job Snijders’ offline comments. > > I had some more dialogue with Aris off-list, and the following idea came up: > > With the current approach as outlined in sidrops-route-server-rpki-light-02 > I find the anonymous attestation "this is a valid route" problematic. > However if hints are provided which ASN made the claim, the idea of > well-known communities to signal observed states is perhaps less > problematic. > > What if a "Transitive Four-Octet AS-Specific Extended Community Sub-Type" > is used and (route server) operators put their own ASN in the Global > Administrator field, and an integer signifying the observed state in the > Local Administrator field. > > 0 1 2 3 > 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > | 0x02 | Sub-Type TBD | Global Administrator : > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > : Global Administrator (cont.) | validationstate | > +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ > (validationstate: 0 = "valid", 1 = "not found", 2 = "invalid") > > While i am still not entirely sold on the idea of "RPKI Light", this > approach would alleviate some of my concerns: > > - As a transitive type, this community is allowed to cross EBGP > boundaries without causing controversy; > > - by putting the attesting network's ASN in the Global Administrator > field, any users of the community will need to explicitly > configure their routing policy to match on those parameters, and > we can then reasonably expect them to scrub in the appropiate > places as well. This is a form of "opt-in". > > Furthermore I think the draft's intended status should be adjusted > from "Standards track" to "Informational" (as is customary for most > well-known communities). Half of the "Transitive Four-Octet AS-Specific > Extended Community Sub-Types" space is FCFS anyway, so "Informational" > is sufficient to obtain a codepoint. > > Thoughts? > > Kind regards, > > Job > > _______________________________________________ > Sidrops mailing list > Sidrops@ietf.org > https://www.ietf.org/mailman/listinfo/sidrops
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Thomas King
- [Sidrops] I-D Action: draft-ietf-sidrops-route-se… internet-drafts
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Aris Lambrianidis
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Nick Hilliard
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Aris Lambrianidis
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Job Snijders
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Jakob Heitz (jheitz)
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Job Snijders
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Job Snijders
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Aris Lambrianidis
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Job Snijders
- Re: [Sidrops] I-D Action: draft-ietf-sidrops-rout… Randy Bush