[Sidrops] Maxlength Defaults: Follow Up

Alexander Azimov <a.e.azimov@gmail.com> Wed, 20 November 2019 08:40 UTC

Return-Path: <a.e.azimov@gmail.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D0831208CB for <sidrops@ietfa.amsl.com>; Wed, 20 Nov 2019 00:40:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1E858UhCbRNy for <sidrops@ietfa.amsl.com>; Wed, 20 Nov 2019 00:40:49 -0800 (PST)
Received: from mail-ot1-x32d.google.com (mail-ot1-x32d.google.com [IPv6:2607:f8b0:4864:20::32d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CDCB120088 for <sidrops@ietf.org>; Wed, 20 Nov 2019 00:40:49 -0800 (PST)
Received: by mail-ot1-x32d.google.com with SMTP id w11so537130ote.1 for <sidrops@ietf.org>; Wed, 20 Nov 2019 00:40:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=/3+9heNMGTanyyWmSLFb/N72amR3bgrzyfBy5kwvlxY=; b=b0jE361le/d54ljUISvaMp3/H8FOw0ViazF6nhItpSQMYojscaikQqVH+PmQ0BjCrf prps1cc1149bWz3XODo68S+uLIrGpW7gbSAD5WY4A5nxuwlEej1hG7haTiqW903frSeR 83/9if06fmNt6I/BRgrfz+BJ14qBrqSfPn6VawWUs9WtRM6b1r0q/h3ridL2W851xtWg h+Tzf8ifjLkREFDtUmo2BRzZMnk4tJqjIigYjKfNkqnVWsdJEz2lOSvYrJX5ptKJ8/zt V+sLnfuPYacJ4WiqK66VVmwag2/8RQzdMrDCUJQG+jEwIg6jmi7MXKBYE3X6HuSIf6mO 5e1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=/3+9heNMGTanyyWmSLFb/N72amR3bgrzyfBy5kwvlxY=; b=hlMsQ9vWNie5F7VZ6giZwy5LmVRzMi8pU1f3zOWVDGj/oZkI2W7Z953UKFPuO9LmVI CyBL8embBFdqmfraMx9bePVliLoehmAzSWT+QRZRezzPTgD6CCNM3dH4Eqh0njbo6boy 6OaGh1FDnjcZBlJ80vRyjUJSRq1304LQxWU+kEecAeE/Kq7sQSCLvKlUdozp1wsPxRRV vR8cUt3fAVlXlLPFaWNtCAqSjI3ZMBpp8bQGp6NKtoRms3Gh+lmpQTQqBoGkTbEPgPoJ iPV8LNPNtErT79+HjLCTY7EOzt8wRqoWhWV9NqstYPzDJP3Duil+RVoXySIboWRhUgBO 6yYw==
X-Gm-Message-State: APjAAAVbohO7zgiH0OTwGPVlTdXFQjx1LKjNiY6/gsKNE2e4o97VJ8uw HcM1DEGX/SeLcrK948Zj7Nss0BVUt0TPiBRAFTwOFHbzmOg=
X-Google-Smtp-Source: APXvYqxZ8L4z/ZCh96Rbj62pCkWa6qBHnjb5ew0wgnH1WS1fdeb2dBOHBRwicrrGhRFDTFYSsOlfBr4zQbb9SwMWstY=
X-Received: by 2002:a9d:2c25:: with SMTP id f34mr1029645otb.27.1574239248393; Wed, 20 Nov 2019 00:40:48 -0800 (PST)
MIME-Version: 1.0
From: Alexander Azimov <a.e.azimov@gmail.com>
Date: Wed, 20 Nov 2019 11:40:37 +0300
Message-ID: <CAEGSd=BatJzG01UAjEfnWLgZNAD6gCseqvMeCEOd0HuCZPtC+Q@mail.gmail.com>
To: SIDR Operations WG <sidrops@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000003129120597c323e4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/wCwIPo39ZWipJpjWIjnHnlveaQE>
Subject: [Sidrops] Maxlength Defaults: Follow Up
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2019 08:40:51 -0000

Hi all,

I want to follow up on my talk at the meeting and make a quick recap of my
considerations.
There are two defaults around ROA objects:

   1. Drop invalids (default suggestion);
   2. Setting maxlength equal to the prefix length (automated by RIRs).

These settings together might create both deployment and security risks.
The security risks grow up from a situation when you can't instantly create
a more specific prefix when somewhere more specific hijack starts to
propagate. It can be avoided by using maxlength as big as possible, but
this differs from the current default setting in the web interfaces
provided by RIRs.

The deployment risks are related to ov-egress draft, where expected
behavior isn't just reject invalids, but also creating exceptions in this
policy. As I suppose the target audience for this draft is stub ASNs, this
will require additional configuration on their side. It is doable, but the
more you require from this part of the ecosystem, the less will be done.
The effect can also be limited by changing default settings at the RIRs.

-- 
Best regards,
Alexander Azimov