IETF Logo Mail Archive

[Sidrops] Andrew Alston's Discuss on draft-ietf-sidrops-rov-no-rr-06: (with DISCUSS)

Andrew Alston via Datatracker <noreply@ietf.org> Thu, 25 August 2022 13:22 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: sidrops@ietf.org
Delivered-To: sidrops@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id C6F21C1524A2; Thu, 25 Aug 2022 06:22:22 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Andrew Alston via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-sidrops-rov-no-rr@ietf.org, sidrops-chairs@ietf.org, sidrops@ietf.org, morrowc@ops-netman.net, morrowc@ops-netman.net
X-Test-IDTracker: no
X-IETF-IDTracker: 8.14.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Andrew Alston <andrew-ietf@liquid.tech>
Message-ID: <166143374280.8949.4490792736652212362@ietfa.amsl.com>
Date: Thu, 25 Aug 2022 06:22:22 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/iwTFTnYCNUhYVatbUjhWKzFSYTM>
Subject: [Sidrops] Andrew Alston's Discuss on draft-ietf-sidrops-rov-no-rr-06: (with DISCUSS)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Aug 2022 13:22:22 -0000

Andrew Alston has entered the following ballot position for
draft-ietf-sidrops-rov-no-rr-06: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-sidrops-rov-no-rr/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Hi Authors,

Thanks for the document, for the most part I find it clear and easy to
understand.

I however would like to discuss the following:

 If the BGP speaker's equipment has insufficient resources to support
   either of the two proposed options, it MUST NOT be used for Route
   Origin Validation.  The equipment should either be replaced with
   capable equipment or ROV not used.  I.e. the knob in Section 4 should
   only be used in very well known and controlled circumstances.

My concerns with this are two fold - firstly - it's entirely unclear what is
meant by "well known and controlled circumstances".

More importantly, I'm concerned that this paragraph as written could lead to a
situation that where people read this as "if you can't support this behavior -
forget BGP security" - and that I would think would be a more dangerous
situation than the route refresh behavior.

I'd be happier if we could
a.) Either say that operators should plan for upgrades - but turn off RPKI in
the meantime or b.) Change the wording such that it says something along the
lines of "it MUST not be used for ROV without the informed consent of the
peers" - meaning that peer that takes the brunt of the refreshes has to consent
explicitly.

Either option prevents the position where operators running smaller older
hardware are handed an excuse to forgo RPKI entirely - or to turn it off -
because in my experience once someone turns something off, getting them to turn
it back on again, can be a tricky proposition.

Let's discuss!

Thanks

Andrew

v2.23.0 | Report a Bug | By Email