[Sidrops] Modification of draft-sidrops-bgpsec-validation-signaling

"Borchert, Oliver (Fed)" <oliver.borchert@nist.gov> Wed, 25 March 2020 14:21 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/jChEjH3ZVEbV4NiLzHDRoNe3Uxk>

Hello, and I hope everyone is doing well in these times.

I know it is already some time ago, but during the presentation of the draft-sidrops-bgpsec-validation-signaling (https://tools.ietf.org/html/draft-sidrops-bgpsec-validation-signaling-01) during IETF 106 in Singapore, a discussion around the draft started that will change the current state of the draft and will revert all requests stemming from the discussion on the list that were made during the adoption call.
Before I submit the modification, I want to query the list if the changes to be made are in sync with the working group.

To remind you, the original proposal (https://tools.ietf.org/html/draft-borchert-sidrops-bgpsec-validation-signaling-01) was to add a BGP path attribute for signaling the validation result of path validation in the same manner as described for prefix origin validation as specified in RFC 8097. During the adoption call, a discussion started to, instead of creating a new path attribute, just add the path validation information into the reserved flag of RFC 8097, hence updating RFC 8097.

After uploading draft 00, which reflects the version of the adoption call, we went ahead and added the modifications as they were discussed on the mailing list during the adoption call. The current form of the draft (01) reflects these modifications by now updating RFC 8097, which included the modification of the PDU and subsequently the modification of error handling, and clarification and renaming of the attribute field names to reflect the correct meaning. The question that came up from our side is whether these changes warrant obsoleting RFC 8097, which would allow a much cleaner approach.

During the presentation in Singapore, though, multiple participants spoke up in favor of not pursuing this path and keeping path validation as well as prefix origin validation signaling separate. One major reason that was mentioned was implementation related, regarding mapping the zero value of the reserved field in filters, which would not work anymore if we are combining both values going forward. On a personal thought regarding that issue, the RFC clearly states that the receiver MUST ignore the reserved field, so filtering on the reserved field's value is an implementation shortcut that breaks conformance to the RFC.

So, before I go ahead and revert the changes within the draft back to its 00 state, and therefore separate the validation state signaling back into independent documents and deal with path validation only as initially proposed, I would like to query the list if there is consensus in doing so.

Please let me know so I can go ahead and make the necessary modifications,

Thanks and stay safe,
Oliver
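
The filtering concern raised in the message, as an added example that is not part of the original e-mail or of the draft: a whole-value filter that bakes in the zero reserved octets of the RFC 8097 origin validation state extended community, next to a receiver that ignores those octets as the RFC requires. The function names are hypothetical, and the non-zero reserved octet is a constructed placeholder, not the encoding proposed in draft 01.

```python
import struct

# RFC 8097 origin validation state extended community (8 octets):
# type 0x43, sub-type 0x00, 5 reserved octets, 1 validation state octet.
OV_TYPE, OV_SUBTYPE = 0x43, 0x00
STATES = {0: "valid", 1: "not-found", 2: "invalid"}


def shortcut_match(community: bytes, state: int) -> bool:
    """Shortcut filter: compares all 8 octets against a template whose
    reserved octets are zero, so it implicitly tests the reserved field."""
    template = bytes([OV_TYPE, OV_SUBTYPE, 0, 0, 0, 0, 0, state])
    return community == template


def parse_origin_validation(community: bytes):
    """Conformant receiver: checks type and sub-type, ignores the reserved
    octets, and reads the state from the last octet only."""
    if len(community) != 8:
        raise ValueError("extended community must be 8 octets")
    ctype, subtype, _reserved, state = struct.unpack("!BB5sB", community)
    if (ctype, subtype) != (OV_TYPE, OV_SUBTYPE):
        return None  # some other extended community
    if state not in STATES:
        # Value outside 0..2: left to the caller's error handling.
        raise ValueError(f"unknown validation state {state}")
    return STATES[state]


def conformant_match(community: bytes, state: int) -> bool:
    return parse_origin_validation(community) == STATES[state]


# Constructed sample values (not captured traffic).
CLASSIC = bytes.fromhex("4300000000000002")  # reserved = 0, state = invalid
# Hypothetical sender that reuses a reserved octet; 0x01 is an arbitrary
# placeholder chosen for this example.
REUSED_RESERVED = bytes.fromhex("4300000000010002")

if __name__ == "__main__":
    for name, c in (("classic", CLASSIC), ("reused-reserved", REUSED_RESERVED)):
        print(name, "shortcut:", shortcut_match(c, 2),
              "conformant:", conformant_match(c, 2))
```

The shortcut filter stops matching the "invalid" state as soon as any reserved octet is non-zero, while the conformant parser returns the same state for both inputs.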