IETF Logo Mail Archive

Re: [Sidrops] WGLC = draft-ietf-sidrops-aspa-verification - ENDS 03/22/2023 (Mar 22 2023)

Di Ma <madi@zdns.cn> Sat, 25 March 2023 04:47 UTC

Return-Path: <madi@zdns.cn>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B36DC151532 for <sidrops@ietfa.amsl.com>; Fri, 24 Mar 2023 21:47:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IB5Uszs-IW3r for <sidrops@ietfa.amsl.com>; Fri, 24 Mar 2023 21:47:46 -0700 (PDT)
Received: from smtpbg150.qq.com (smtpbg150.qq.com [18.132.163.193]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E396C151522 for <sidrops@ietf.org>; Fri, 24 Mar 2023 21:47:44 -0700 (PDT)
X-QQ-mid: bizesmtp83t1679719641th873shl
Received: from smtpclient.apple ( [111.199.190.248]) by bizesmtp.qq.com (ESMTP) with id ; Sat, 25 Mar 2023 12:47:19 +0800 (CST)
X-QQ-SSF: 01400000000000Z0Z000B00A0000000
X-QQ-FEAT: PS/N6jJLnDbVu4E3A3CxJxhOU9ZS4mMVXurJD18TwewB+GyYEul+9MgCPaHxS MfcLpKQwc1B5GBCo1w22Kkpv/Uy+03eQiWr2z6e0bgEyFqmdY0pct8RTpU+qh7s1W/E98MY jHNEf0JS2fCqDJ67CYULXIIqJZAfBo02M0xJzAa313sYTlvE1d64i4M1QqwrWeiZKiMoE2C cU6LydBmpeMEalE9YJszIhJK8fBgeKBj4McjE4pmriYFXXPIkklK9XhgCwxdhiXcvUNDyt5 kzHoWZAloao+xZrPQ8M//iHSZnXUOtf89Ip4V2C5+SScNuILX6ZUwahUYSjV6b0UB0dRJEd 4XQR/lSbjlQZpCs28FW8uZdvJ4yTaXp8QrFYEyw
X-QQ-GoodBg: 2
X-BIZMAIL-ID: 13317543124388316500
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
From: Di Ma <madi@zdns.cn>
In-Reply-To: <EDFA2A6D-F7DA-4FCA-9D83-65B08DEE1907@nlnetlabs.nl>
Date: Sat, 25 Mar 2023 12:47:09 +0800
Cc: SIDR Operations WG <sidrops@ietf.org>, "Sriram, Kotikalapudi (Fed)" <kotikalapudi.sriram@nist.gov>, "Lubashev, Igor" <ilubashe=40akamai.com@dmarc.ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <93539146-0E8B-4A22-AA30-51C4F37E6551@zdns.cn>
References: <3d9e252c02a342f09c93269779d91328@akamai.com> <EDFA2A6D-F7DA-4FCA-9D83-65B08DEE1907@nlnetlabs.nl>
To: Tim Bruijnzeels <tim@nlnetlabs.nl>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
X-QQ-SENDSIZE: 520
Feedback-ID: bizesmtp:zdns.cn:qybglogicsvr:qybglogicsvr2
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/whh2NRpgq8UYa1wYdtrv7AnvJ8I>
Subject: Re: [Sidrops] WGLC = draft-ietf-sidrops-aspa-verification - ENDS 03/22/2023 (Mar 22 2023)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Mar 2023 04:47:49 -0000

I shared the same point of view as I tried to develop fine-grained filter with ASPA-SLURM into RP software if I want the RP to do SLURM filtering based both on customer AS and one particular provider AS.

Di


> 
> The reason for this is that the verification process runs in a BGP speaker, and it will get its data through the RPKI-RTR protocol. Validation and synthesis of any applicable union to get the VAPs will have happened before this point. So, while it should be discussed, I think it's actually not relevant any more in the verification context. The information of whether a given VAP came from 1 or multiple objects (and possibly SLURM at some point) is not available and cannot drive the verification process.
> 
>

v2.23.0 | Report a Bug | By Email