IETF Logo Mail Archive

Re: [Sidrops] WG Adoption call for draft-sriram-sirops-bar-sav-02.txt - ENDS 01/30/2023 (Jan 30 2023)

"Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov> Thu, 02 February 2023 03:10 UTC

Return-Path: <kotikalapudi.sriram@nist.gov>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A1F95C151551 for <sidrops@ietfa.amsl.com>; Wed, 1 Feb 2023 19:10:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.1
X-Spam-Level:
X-Spam-Status: No, score=-7.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_GOV_DKIM_AU=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nist.gov
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u1bgKTvktXpY for <sidrops@ietfa.amsl.com>; Wed, 1 Feb 2023 19:10:49 -0800 (PST)
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on20713.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe59::713]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5C69C151543 for <sidrops@ietf.org>; Wed, 1 Feb 2023 19:10:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AwDPLOvCP5IkgozaVWXqieuXv9IupI2F9nn6JVjbzItJnpl+2Xes4M8MV0HfpIX3cjHLr+47KF9m8T89q3FC4lyJGSvdQbUVZmbEoNn4fSgU0m7Mx0B009VG3+5YFYa95+9+Irvq+k3sNQhwXiyqnaYBKrow+ObraxCyj65Efgx61IrOpPg2uX7x/roZbAIURENT724mk8vNqMMX6rj6eYLo2Iu3lAL7GQJCS4JimaUxlHxUXEaU/MPW0boCzpRCa12caEvvkWDx7wzpnTxouQnCkboimsVamlndqMHAM44QlFaWcfXzg3nHcAlstE0OWpDhUeU3zkqfN3gpm77UKw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5woYjhPk+ZPBtUS3VJN1s5RJRIE+x3g+LajxHaeMcA4=; b=keWo9yRLaSyK1EUiFjHcXjOflSTJhNAAQtJzEM6+o+IllEZopPUMaTvWg1J/2zTLVhCTztVWglNMeYVuNtRxxiJNeexv/chIuISEoDppCN2ecwoPKSRRVXg1UR7H6wCJwnI/3N+B+/tzraRDlx9rUXyfO6jAWx5+IsG3DVLQtYlB9hRcYsgkmN3EIpXnnSAJ5/hHdalU+RA2Ll9Y7pmCYb9Au5Q/Os+05OnYhoB8g8xkfvqjacZQBloQbcn37iVaTJqbzhLVcHtX6j+iZvzsyW8cYeg8DahhD5QZUhaRFv5An/CmvrmlLxHbuKJTVLD7FDaw7mLbnNL6WTvO6mXhCA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nist.gov; dmarc=pass action=none header.from=nist.gov; dkim=pass header.d=nist.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5woYjhPk+ZPBtUS3VJN1s5RJRIE+x3g+LajxHaeMcA4=; b=mvAXXBhXPXTQPgZcm1GyiiFRBSsh9peEk0g4UrbF6QzK6ziNu5bMo8BO/e3zGhZqFaJ3mQg71nwIgQs6qpJhsUcAhmqtVzxkH/QYwo0bcLrbuY0MTq6Y788y3S1dk6nhFMRsW22zAnUyaW7Zg8j/Sp6hO6bA6KJqkvFpy1Rw1rEZyTEDTr7PrvJKxpNv79uZ7vrEJIaFP8vRe0MjSS5CDkv/DOYNu72B4moRNIunOVvMuy1zO5E8L62QLJhVYOkptki+/R3OHqJv4VCgpqz5nOS6jLDf7EJdJc1XcyWRa8/DC0yWhuZ/Y2PuZGSgzy0m6wPqKRphhMfbk7aK7YcJEQ==
Received: from SA1PR09MB8142.namprd09.prod.outlook.com (2603:10b6:806:171::8) by SA1PR09MB8048.namprd09.prod.outlook.com (2603:10b6:806:180::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6064.24; Thu, 2 Feb 2023 03:10:44 +0000
Received: from SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::5b68:69d9:e45b:6cfc]) by SA1PR09MB8142.namprd09.prod.outlook.com ([fe80::5b68:69d9:e45b:6cfc%6]) with mapi id 15.20.6064.027; Thu, 2 Feb 2023 03:10:43 +0000
From: "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>
To: Andrei Robachevsky <andrei.robachevsky@gmail.com>
CC: "sidrops@ietf.org" <sidrops@ietf.org>
Thread-Topic: Re: [Sidrops] WG Adoption call for draft-sriram-sirops-bar-sav-02.txt - ENDS 01/30/2023 (Jan 30 2023)
Thread-Index: Adk2sbUAVr3uBssISPCgnPF5DjCwBA==
Date: Thu, 02 Feb 2023 03:10:43 +0000
Message-ID: <SA1PR09MB81427A2D26F7D648C053FB3384D69@SA1PR09MB8142.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nist.gov;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SA1PR09MB8142:EE_|SA1PR09MB8048:EE_
x-ms-office365-filtering-correlation-id: a910cc33-1317-4bfb-1eef-08db04cb127e
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: vydMU/5sV57YD0zxh4XEDvPpBBR9PE+9ZRqgDAlf6dpSEmL2sFigiYRZSXhxCb7vxqDnp6suPq0vVQJ2QJG9aq9cHmW/q6FgLvz0ZlyLfA4t6TZOwufLTaVXbz2g9hV1gmnNUoh+9z4t7bTNsoV2ea8ziiQnuGJ0eFA9A6yEXtVu2NpoxG8ylqDPu4PyMCtQvN9BnVjHl0tzYqJ2NPDn51FXVAwYw9+9pahhEKrvmxBRYUP7wJbtIv4E94kWx0R3mTzuLuXsDEyoBbEbc7GTAQGKCiLecczLyiXvCDp8VnualVXXRfP9bk5Kts/P0Wmf9KY2UR0Lv9a20IxyzI7S1bSRje/0aVx/T4xZhGuBo6tNEPy/wDc/RgKcTa8q/rNnCC4emsd1xQGCgqNqZCbM3izB70WZKOD1M8+cR7DVzUUIp7h+DhUMiQXDRvS0qlsb7As2b1qO6rTMbwt3TBLO+lj9qbt5AeV0DbFi33+jKYJsEf13pKIw6pb/YhjHfopgK+emJ+7Li2w86wklcSGduFlIgsaHvQ44mHj5wmVQ397xfMq2l20pt7acUSyvlIxzWq9Mdyr3PGQwx9HI/nEOHTkdse1k+XtysIu3nbY1yzOft+Xa5nDGMf7A4cfjLyVjCf+f/WuwlFhLlRYJXDEpU4Q3RUg4LvsNQnsiEnMtAAmwdzz/wimRzAJy46X4bOiy/ZlnW7+qgPVeIK2oTMHRrQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SA1PR09MB8142.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230025)(4636009)(366004)(451199018)(4326008)(76116006)(66946007)(6916009)(66476007)(66556008)(66446008)(64756008)(8676002)(8936002)(52536014)(5660300002)(33656002)(2906002)(83380400001)(55016003)(71200400001)(38100700002)(82960400001)(7696005)(86362001)(498600001)(122000001)(9686003)(38070700005)(26005)(6506007)(186003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: +eIKUqCpoT/U47ZBqZDHF8FTPQ0r3w2f7I3ZGdpDOySJo4b3s+3JYoP/pZYvA5bt56pestfWxG8BrKxWJu3PGY5HOcls5aI18SCUt6+kM7+RK+j+jQ8S69XnEyvie5HrM+5GKMVpysCJLIwSC2Gq30V3NK61Q7a4sxpACerB6Pj04X54VR27kRI+4xEek4q2s29SqtxYCFbl9YwFnnGhJQaaCYZhQMVCZBXhYKZ4M5Efq8TkMZnJKBC75kddYXW1XqGBI91Dxlv/Z4KWaXkBXfF5g+KJ516+/pmEvfKcznNQmHOKn6YZYYCoRuRBdcKVgocXCDElwahcJwFt3wYCcoJ/YmzoDTNAE39g0AN2klQVkGY2wK/WK7E3cqFDItqApnKfnGI77X9mu8GS+q5sWaTMqFPa1/4/DcNwenZr2k3nqRd48bh7KSxN3UZCBz2Bo9Kz5VK0wBwjzuCrw/NVU6NtoN95YEHZrnX1q3rcWTa3GTJrOhLkKg16rCq6Cfutgs39aZUOhI+WPCMCXOmDjeMwISREV5RRO+pfuiXBeKRHiCFC2+vNSYB8OXzp0sFe242jXeRJhix+RPknV+oQqNRGjchFK14yGRkXhKSWyEfom/xL4decoy7qRnfg7iFl0/XmtIPaU4qan3ZkYBIEkFpoU8qi4pD3L9dWIXqGSj5fBZAy7dFIv8QaVkCXmSbrUzEtM+Nw7SWspnED7f9OfoSacgzF9PYMZrCLOsrwJdz7/VEgIcDXZ/fhKpW7tctUV181LarzPCyDV3Fp44sAKfCOLzwNbJY9yQ66x4KXGt1zOLEvtNzfTzQZSNNEpOCFQJfFWWrwrLNm1b8I7m47++bu+ngxkSyZ6PqAeuPnLrYyH3ZbGSvI1QIpvfyEOnt1L/Dh8BC+Th4DyC51LJq+ym6dd+GPgHM6LuczlWpnGiRUWtVopgbxC4tf2IBWgQOZcVf8fazB17WE68ZYUR6MghU1vW/Es3nVCJLO8Iun3qD2yOaS+9LPPoE+qV+DFTBMgHU6/apIZM4+QgsgJGjrs5r5O2ZCCa4z9nEmFb6CnvApZU9i0ojVUvRckflLTLvaxPLtAwiRl/I7pS39tRfZU9DrDlAjUrngPH1vc9r//I2KRoSPZb7+/I/O7/1Ukqxy4RlYxnFmKQrxa4pU4HwqO2UCm+bDCFR8fpGo42Fz6I6CO2+kBTOdGSpJxjfFuq9JnDWvENDXrRkBZv53TQcPbcAZ/Lbsl/JURkA++AFWeIQayDDT6qyp5Qyfk6ERg849wbdTtBYcAlqS+nt2IwzftieoFJj59klNCb0SAY1riRBYqpS2x2BsP/fbyqi0NLWTP1/+hyneAMc81ojHZtEfUZufKW55qY4dKAlSApB78BsFAgH6utwaMP4iI59hjJChOwYLq9CGcBcYXa83PcFX8+xfCmpXRGJ9kWYbeLvQ7w+mM7bDaFLYBUklrXxJhwvqG58NJ1QmmZ4IT2t8efvdi0Z3NWnTV/ABe1REJ1J4sgQVFh6z+LchHXhnZHoYdSRNQG3Gb9uVbq16ubHrTNa3GRSUi3MtgN/QaccVbBcAQ3A=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR09MB8142.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a910cc33-1317-4bfb-1eef-08db04cb127e
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Feb 2023 03:10:43.7872 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR09MB8048
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/n0cCPDtXXJ1YDtDYx8h2CBLN3dY>
Subject: Re: [Sidrops] WG Adoption call for draft-sriram-sirops-bar-sav-02.txt - ENDS 01/30/2023 (Jan 30 2023)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Feb 2023 03:10:53 -0000

Hi Andrei,

Thank you for your review and comments.

One might assume that an AS doing ASPA would quite likely register ROAs for its originated prefixes.  

The BAR-SAV draft recommends registering ROAs and ASPAs (separately) in the Operational Recommendations (Sec. 5). We cannot necessarily couple them unless prefixes and ASPA are owned by the same entity. From Sec. 5:   
  
       Since Procedure X (Section 3) and the BAR-SAV procedure (Section 4) benefit from the
       registration of ROAs, network operators are RECOMMENDED to register
       ROAs and enable RPKI-ROV in their ASes.  When ASPA registration
       becomes available, network operators are also RECOMMENDED to register
       ASPAs at that time.

       The registration of ROAs and ASPAs helps with the detection and
       inclusion of otherwise hidden prefixes in the permissible list for SAV.

But we'll see if it is possible to couple them and word it more strongly to accommodate your suggestion.

Sriram

-------------------------------------
From: Andrei Robachevsky <andrei.robachevsky@gmail.com> Tue, 31 January 2023 

Hi,

I read the draft and support it adoption as a WG item.

As some of the use cases demonstrate, use of ASPA can improve discovery 
of complex topology and mitigate the risk of dropping legitimate 
traffic. However, it also strongly depends on the registration of 
prefixes, sourcing the traffic, in RPKI (ROAs). Although they are 
unrelated, registration of ROAs should be strongly recommended for 
networks using ASPA.

Thanks,

Andrei

v2.23.0 | Report a Bug | By Email