Re: [Sidrops] weak validation is unfit for production (Was: Reason for Outage report)

Stephen Kent <stkent@verizon.net> Sun, 30 August 2020 19:59 UTC

Return-Path: <stkent@verizon.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 739743A040F for <sidrops@ietfa.amsl.com>; Sun, 30 Aug 2020 12:59:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.049
X-Spam-Level:
X-Spam-Status: No, score=-3.049 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.948, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verizon.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D0TmhH8yU2ru for <sidrops@ietfa.amsl.com>; Sun, 30 Aug 2020 12:59:57 -0700 (PDT)
Received: from sonic311-14.consmr.mail.bf2.yahoo.com (sonic311-14.consmr.mail.bf2.yahoo.com [74.6.131.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F06E3A043E for <sidrops@ietf.org>; Sun, 30 Aug 2020 12:59:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=verizon.net; s=a2048; t=1598817596; bh=Kn8P3DizRAUhoMn9d6RNl8RxX29SH66+iwZyBlMTqQc=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From:Subject; b=tAyoMvoMpLimFvBXg1vRPcLC7YYEfoM9NR3Q/0gIAWwpdoBFMS4vl5qp1TCsWQhj2AZK2n7+ZCDOZhSFdBlw0WwciOVLuiPP15rycU/d1+Rnlk8pMi2J4am+WILIPwolTaWdm9GivPY3ku3OdRlksJ1kEr2PW0iB3VNC2PdNhEaovLHB1zdxq5fFMatCHxirwIilDUkqdsXcaQCMUPeE0HE0PEMmwzBsLIbHiQXX5OnAgrO26jmsSiu3ftHql6OUfrW+UUNsBgjrfwaULMzm3vgF1EzjJ0wAI7MHo1tWyyNGcVnjZ/MaX+Uvs8653XckH45shf3iACkt/I1kMEIHSw==
X-YMail-OSG: cl7fxEcVM1mFdhu6Ds6bwEZ_5CzSan8apNHBxqIJiUDd_TJScn8eWTYgVcHeeWo ARVGYsTRJDNgduUadCAKtpWXl9GUwutJmK9Pmza6jLItDpCzyz2xnMenNBfui4w6pKGSFyCC5A6H 7_njak42oZTZQwq74W.jdfbFPma91PJWFgWLy4fz3o4YzqWx37o6AnN7XFAqNtW9dSToEYAgXYQJ HoQ58rVM0H69SWt5eac4I8LsTLEzXGFP1ONSRmzgf6FeXK1L_VbIGyGYy9jhoUMR6fwMfrlqKN00 nZDcT712TW1PJMoVj1iHQZ11Tqr5C4TTIMNdpXeS8Kd_xCe_odqS_VI8xZyLPvyPXCzXu_5ZqKzT 8JyiUc382YdiV4jHZQUkyGkylkh8CeSNf5YP0oiEaZm5e8KT9utKhL3zVXFko55siXJiL7ntPpEB w.KEGg.SQNkbMHxNcMNs4jVB3z2IJiSJkrtmz.viH_yQpbHOwa_AmytieM.jBgWgT9n3o6WAxSeM trUOYz1AcJzdhjLf5LKqeDnwnbj7NzdH4LXE5_e8GmWgwrrRUU6ao7A1mGgVps3QJ2g0FeEk.UWm j6FBcLs3NU_nGt4Ue3cJbOzczGSL9f66OgvyhKaCOAItKXTxTFNzxLMm7Pa0DaSAjf8J_vApzqNI Qs7BSqVQW7lJSoYLMiqy0WXElk6OXyBURAS1aC8BcSnjjYUZ2bv_oHrjAxVilacK5BIntwdGiRAT DOr54iHFEAxo9DiGY8WwOlE4T3Qgc8eZovcls1BFp0CELGEZ5hwSsY1OtmhgDKZsQRume2C82FbM 5P3_LNwEfGNBrKz04jEy0Srl9sYZ55K_fjntZvyKWCvoC7wQMlD9E8JB3krjFA1d7wE_fuNFS8PB 0_W9mcVolljQCEJsOkL2p3PxE5MzyxIRUxbgOC4J5sJXSQTiIIg9qFh7qzd3OYj9AK60CmGdlkem VQiPWbPqxzwkDX_0iVLD8ZmAZuTt9ZNgjupS6JOLzhm3qXKq7FQgzwxSrX77uFiZAv3.D1fkbb9e UpJWrDjTnoucGUAb6tbL33ShDuouSVb6IRbV4N5prV2I6l7p7MtMRzlKRx4XyFouzEOyiTf1RX7Q Dl71yRUqkHKEitURX3_h3BtnN_QMvwuWtnpVLDE5kk4U37OEtzst6wxrt0WFj.Rt8iT_h2wPj12k zyeBrXAtPDRU.LTzcvlvN3BywPhJXCuxdvxVe1RDrwhIJxgWAkHd_rzNlrbKs.NXoSuFEL1SQW_R B65oMKcGCuvE6GCKI5hV4tIyHIPhBSjeTias1zhSZEAfb7S8Opunikv62lu4wj7b4SxZeTlWoIlx JHBJCfRlatU03.xEoMn_Rtg4BAwcGHVmKsZtjzhF.1gcvtgvvKqFydm3NYBorJeQW9vZ8rb61BcY wlsDb6nUthFivq0yYALEA_dslwxDm7cfGhc8YBpbatt1C0TA3bTCjsJgbV5iV91_jiGJkRpZgNDH 5aUA.bSFfIOm6Pn3vRmdtfc3DRK_DpAl6Tm5QUj8kgi7Sq5FVJASOyA0xP.3FlIsHIJCzeqr1TX5 FG4yudX2UPOnG4oBgiVgXYyzbGFi9ypIOVJuThulzZXY-
Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.bf2.yahoo.com with HTTP; Sun, 30 Aug 2020 19:59:56 +0000
Received: by smtp408.mail.bf1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 0ec9151097a9704ff53048fe3338c05a; Sun, 30 Aug 2020 19:59:55 +0000 (UTC)
To: Job Snijders <job@ntt.net>
Cc: sidrops@ietf.org
References: <DE33EFAE-FBD2-478F-92A9-1FBD81CCC43F@arin.net> <727F6FBD-F73C-4F58-AE2D-0276B2A183A3@arin.net> <20200826160001.GF95612@bench.sobornost.net> <20200826202442.232829fc@grisu.home.partim.org> <20200827142827.GC88356@bench.sobornost.net> <DEBF83EC-B5B7-490B-9F30-19571991E273@nlnetlabs.nl> <045cb11f-5eea-1568-5260-d9794143dc7a@verizon.net> <20200828152505.GH88356@bench.sobornost.net>
From: Stephen Kent <stkent@verizon.net>
Message-ID: <08223d90-ee7f-7505-60c7-fab626e5fe19@verizon.net>
Date: Sun, 30 Aug 2020 15:59:54 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0) Gecko/20100101 Thunderbird/68.12.0
MIME-Version: 1.0
In-Reply-To: <20200828152505.GH88356@bench.sobornost.net>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Mailer: WebService/1.1.16565 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.aol Apache-HttpAsyncClient/4.1.4 (Java/11.0.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/fzZIib2X-hNZ4NXLv1l6hh8qP7c>
Subject: Re: [Sidrops] weak validation is unfit for production (Was: Reason for Outage report)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 30 Aug 2020 19:59:58 -0000

Job,
> Dear Stephen,
>
> On Fri, Aug 28, 2020 at 10:00:14AM -0400, Stephen Kent wrote:
>> I am very bothered by the observation that, if were were to strictly
>> enforce the requirements imposed by the RPKI RFCs, then the number of
>> verified routes would substantially decrease.
You didn't copy the rest of my message, in which I indicated that I felt 
we were worrying too much about the bad PR associated with having fewer 
routes verified, as a side effect of adopting stricter rules wrt 
manifest processing.
> >From my observations, OpenBSD rpki-client produces 514 VRPs fewer than
> some of the other validators, but still totals at 171,643 VRPs related
> to the global routing system (currently 895,143 routing table entries,
> ipv4 and ipv6 combined).
>
> In the grand scheme of things those 500 VRPs to me are not 'substantial'
> but rather "just out of luck", knowing that any attempts to 'repair' or
> 'salvage' those 500 VRPs puts the remaining 171,643 route origin
> authorizations at risk.
>
> This is a good noise level, and if we come up with additional ideas
> to improve strictness that krank it from 500 to the low thousands, we
> are still in great shape. Also knowing that whatever triggers further
> decreases can probably easily be remedied by the relevant TA or CA.

I agree with your point.

Steve