IETF Logo Mail Archive

Re: [Sidrops] Call for SIDROPS WG Agenda Items

Alexander Azimov <aa@qrator.net> Fri, 06 July 2018 20:07 UTC

Return-Path: <aa@highloadlab.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 919DA130F08 for <sidrops@ietfa.amsl.com>; Fri, 6 Jul 2018 13:07:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.659
X-Spam-Level:
X-Spam-Status: No, score=-1.659 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=highloadlab-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wyq3l3F-aBH9 for <sidrops@ietfa.amsl.com>; Fri, 6 Jul 2018 13:07:03 -0700 (PDT)
Received: from mail-pf0-x236.google.com (mail-pf0-x236.google.com [IPv6:2607:f8b0:400e:c00::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 28811130EEF for <sidrops@ietf.org>; Fri, 6 Jul 2018 13:07:03 -0700 (PDT)
Received: by mail-pf0-x236.google.com with SMTP id u16-v6so9233839pfh.3 for <sidrops@ietf.org>; Fri, 06 Jul 2018 13:07:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=highloadlab-com.20150623.gappssmtp.com; s=20150623; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=RX6jwbA275V5M4yCiGFaiIfKFQnEuRiIfgTkHfT9wGw=; b=v5grveivejksAnDvN7H9Aq4nhxbKwSk8xorzmyi9Ft9nJ6TvrQ93jU0UUd+hliifJV efcPje/aI1YPZ20EDROk5ggofTNVE6FGJ3fdRmDoPqP34FKyvO92c6qu2I5H1/VCH/FW s5DKcQAUG9x/Ndh05iTpM1qb1QeW2ErWbD0gmydGOEVe7tQxZsXrXEXoUbAmxZojrVhu G7fmrmdkFeGEPDyZdhysV8ELxtWi0heYuffg3654yB9ToL4J6FGWKD87yF7B/+nd2fsB e8O76YEgeqIIzDiWItDYtLMVL3upY+x6OIBbVNO3ITeIq/Ts5qE0o9v5GRRxER+Co4jE X69A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=RX6jwbA275V5M4yCiGFaiIfKFQnEuRiIfgTkHfT9wGw=; b=DwIeMlUzWRJcRz5eNjEW2a6K8m2SDRnD8pekljfyGUrJQvd5J5rBs/HBpCxoGWaIAm aZ8UbylWkO01sP3C14XjMA+YWiVqZKj3+iGc0sk8Tzh88FiGxwEztZL+LP5vPYi94jod r4KIQIF8YMuLfCFVNKy8Wr1TsTfgAEEJbpC5/J0fbk9ViZf1dwWlpnu7QvtbPQYQ/mIB ohMJgjMQIMwLIx5pVrMqGLuLL0VgTD8oD7aqBiWcAoZ06rg5ziw+yQTs4c9GyxBwqN/0 4i9hR05lH7cfy8O+ciOE4RiVw36hjSacq7NXAjQHeVhj7FeRemUWH+hldiyF3K+bjHmj XjHw==
X-Gm-Message-State: APt69E1RFzvswoklJh04y4U9HZqBFi3r6u7W4+LwIVzbrRG1+1q6JI06 9StunoqvuveE7k+1SINkeMfesdam+NMuBW+qKHsY/g==
X-Google-Smtp-Source: AAOMgpf1TmmaWq0rAgzWwcEjicfGx4hvZARiWKuYnGA8yioqXkCcAsipNbPWNyWSsQf9OymX8iSSklHRYXDlI4s88/s=
X-Received: by 2002:a65:60d2:: with SMTP id r18-v6mr5962778pgv.306.1530907622681; Fri, 06 Jul 2018 13:07:02 -0700 (PDT)
MIME-Version: 1.0
Sender: aa@highloadlab.com
Received: by 2002:a17:90a:7e1:0:0:0:0 with HTTP; Fri, 6 Jul 2018 13:07:01 -0700 (PDT)
X-Originating-IP: [195.175.53.234]
In-Reply-To: <D0933B81-699C-4AAD-ABA4-CCB33BA6317B@nlnetlabs.nl>
References: <C0205A63-E2D5-4CD5-A109-08C61A1AEA6D@arrcus.com> <m21scsq8b8.wl-randy@psg.com> <6065B77B-9981-4273-82CD-A13C3151EA24@arrcus.com> <CAKr6gn1expF0syu69zpWhyERjvp72r169NhvudMNUSMd0A5D2A@mail.gmail.com> <D1A6D74E-ECEA-4080-90D3-0E19F1B9EE8E@arrcus.com> <CAHgCvCMcV15dMjUtGeDbzsz3eTJkvLNig7+9RV59Ch6+8c9YgA@mail.gmail.com> <D0933B81-699C-4AAD-ABA4-CCB33BA6317B@nlnetlabs.nl>
From: Alexander Azimov <aa@qrator.net>
Date: Fri, 06 Jul 2018 23:07:01 +0300
X-Google-Sender-Auth: 3ly6ZW5HWxKD02FTjLQDBCBDyzc
Message-ID: <CAHgCvCOHrtEUSPwXt1JS9Wj0Aa76x_57aUzxsvY3Tb8CwZo1pQ@mail.gmail.com>
To: Tim Bruijnzeels <tim@nlnetlabs.nl>
Cc: Keyur Patel <keyur@arrcus.com>, "sidrops@ietf.org" <sidrops@ietf.org>, George Michaelson <ggm@algebras.org>
Content-Type: multipart/alternative; boundary="00000000000008c4f905705a3571"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/slj1I_m8FOnpPruCf1PKnbk7u8Y>
Subject: Re: [Sidrops] Call for SIDROPS WG Agenda Items
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jul 2018 20:07:06 -0000

Hi Tim,

Thank you for the feedback! Please see my inline comments

2018-07-05 13:01 GMT+03:00 Tim Bruijnzeels <tim@nlnetlabs.nl>:

> Since it’s the customer ASN who signs would it be a good idea if they
> listed all provider ASNs in a single object? There is no fate sharing risk
> like we have in ROAs when including multiple signing prefixes. On the other
> hand this would guarantee atomicity.
>
Interesting point. We will consider changing it this way.


> One small thing, eventually this will need a filename extension to be
> included in the IANA “RPKI Repository Name Scheme” registry. See also:
> https://tools.ietf.org/html/rfc6481#section-7.2
>
> https://datatracker.ietf.org/doc/draft-azimov-sidrops-aspa-verification/
>
>
> I am not entirely clear on the AS_PATH verification in section 5. It reads
> to me like the outcome is invalid, or unverifiable if not all of the ASNs
> on the path have published ASPAs. And that unverifiable is considered close
> to invalid. But I may have misunderstood.. so I would be particularly
> interested in this part of your presentation.
>
> All that said, I think that it would be extremely useful if a partial,
> incremental deployment can be supported. IMHO one of the big issues with
> BGPSec deployment is that it’s all or nothing, so there really is no
> incentive to deploy until everybody else has done so. With ASPAs you could
> argue that a route should be dropped if any of the pairs in the path turns
> out to be invalid, but it’s okay to accept unknowns. This would allow ASNs
> to get benefits from publishing ASPAs without requiring that everyone else
> does so as well. Of course things will be better when they do as well, but
> until that time there still is a benefit. So, there is incentive for ASNs
> to be pro-active.
>
> But as I said.. I am not sure that I got this section 5 completely..
>
Yes, it seems that here is a misunderstanding. Behind section 5 there is a
simple idea:

   1. If there is 'invalid' subpath - then the outcome is 'invalid';
   2. If the AS_PATH can't be fully verified even if all corresponding
   ASPAs exist (AS_SETs, AS_TRANS) - then the outcome is 'unverifiable';
   3. Otherwise - 'valid'.

So, the procedure may return 'valid' also in case if part of AS_PATH isn't
fully covered by ASPAs.
And to support detection of intentionally malformed AS_PATH for selected
ASN it's enough if all its upper providers create ASPAs. For transit-free
networks this rule is even more simplified - they just need to create
ASPA0. IMHO - it provides a quite powerful mechanism even at the state of
partial deployment.

v2.23.0 | Report a Bug | By Email