[Sidrops] ASPA verification algorithm error

"Jakob Heitz (jheitz)" <jheitz@cisco.com> Fri, 22 January 2021 06:21 UTC

From: "Jakob Heitz (jheitz)" <jheitz@cisco.com>
To: "sidrops@ietf.org" <sidrops@ietf.org>
Date: Fri, 22 Jan 2021 06:21:01 +0000
Message-ID: <BYAPR11MB320714401DE9AFBF5D24C832C0A09@BYAPR11MB3207.namprd11.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/zqpA-9hTgeOO1RPoXsTkskoBfaY>
Subject: [Sidrops] ASPA verification algorithm error

Consider the as-path (1 2 3 4), where
1 attests that 2 is its provider
4 attests that 3 is its provider
2 and 3 make no attestations.
Then the path is valid.
The algorithm in https://tools.ietf.org/html/draft-ietf-sidrops-aspa-verification-06
would incorrectly return "unknown".

Here is a working algorithm:


  *   The received AS-path is prepared:
     *   Remove duplicate ASNs.
     *   Prepend own ASN.
     *   May also prepend the forwarded-to ASN to detect own leak (optional).
  *   For every sequence (A, B, C) of consecutive ASes in an AS-path:
     *   If A attests that B is not a provider and C attests that B is not a provider, then B leaked the route: B is transiting for free. The segment is invalid.
     *   If either A or C attests that B is a provider, then the AS-path segment (A, B, C) is valid.
     *   Else, if either A or C makes no attestation, then the leak state is unknown. Even if B lists both A and C as providers, it is not necessarily a leak, because either A or C could consider B as a provider for some of their routes, even though they don't attest to it.
  *   If all the path segments are valid, then the whole path is valid.
  *   If any of the path segments is invalid, then the whole path is invalid.
  *   Else, at least one path segment is unknown and one more rule must be applied: for any sequence of ASes (A, B1, ..., Bn, C), if A attests that B1 is not a provider and C attests that Bn is not a provider, then the AS-path is invalid. This is for any number of Bx greater than 1.
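The procedure above, implemented as an added example (this is not code from the message or from any ASPA draft or implementation). It assumes a simple attestation model: `aspa` maps a customer ASN to the set of provider ASNs it attests; an ASN absent from `aspa` makes no attestation; an ASN present in `aspa` attests that every ASN not in its set is not a provider. The sample records, the choice of AS 1 as the validating AS, and the handling of paths too short to contain a triple are constructed for illustration.

```python
"""ASPA AS-path check following the triple rule plus the extended
(A, B1, ..., Bn, C) rule. Added example; data model is an assumption."""
from typing import Dict, Iterable, List, Optional, Set

Aspa = Dict[int, Set[int]]  # customer ASN -> attested provider ASNs

VALID, INVALID, UNKNOWN = "valid", "invalid", "unknown"


def attests_provider(aspa: Aspa, customer: int, candidate: int) -> Optional[bool]:
    """True  : customer attests that candidate is one of its providers.
    False : customer has an ASPA record that does not list candidate.
    None  : customer makes no attestation at all."""
    providers = aspa.get(customer)
    if providers is None:
        return None
    return candidate in providers


def prepare_path(received: Iterable[int], own_asn: int,
                 forwarded_to: Optional[int] = None) -> List[int]:
    """Collapse consecutive duplicate ASNs (prepending), prepend own ASN and,
    optionally, the ASN the route is forwarded to (to detect an own leak)."""
    path: List[int] = []
    for asn in received:
        if not path or path[-1] != asn:
            path.append(asn)
    path.insert(0, own_asn)
    if forwarded_to is not None:
        path.insert(0, forwarded_to)
    return path


def segment_state(aspa: Aspa, a: int, b: int, c: int) -> str:
    """Leak state of one consecutive triple (A, B, C); B is the transit AS."""
    from_a = attests_provider(aspa, a, b)
    from_c = attests_provider(aspa, c, b)
    if from_a is False and from_c is False:
        return INVALID          # B transits for free: leak
    if from_a is True or from_c is True:
        return VALID            # at least one side pays B
    return UNKNOWN              # a side makes no attestation


def verify_path(aspa: Aspa, path: List[int]) -> str:
    """Whole-path verdict for an already prepared AS-path."""
    if len(path) < 3:
        # Assumption: no transit AS in the path, so nothing can be leaked.
        return VALID
    states = [segment_state(aspa, path[i], path[i + 1], path[i + 2])
              for i in range(len(path) - 2)]
    if INVALID in states:
        return INVALID
    if all(s == VALID for s in states):
        return VALID
    # At least one segment is unknown: apply the extended rule for every
    # (A, B1, ..., Bn, C) with n >= 2 (n == 1 is already covered above).
    for i in range(len(path)):
        for j in range(i + 3, len(path)):
            a, b1, bn, c = path[i], path[i + 1], path[j - 1], path[j]
            if (attests_provider(aspa, a, b1) is False
                    and attests_provider(aspa, c, bn) is False):
                return INVALID
    return UNKNOWN


if __name__ == "__main__":
    # Constructed records for the message's example: 1 attests 2 as a
    # provider, 4 attests 3 as a provider, 2 and 3 attest nothing.
    example_aspa: Aspa = {1: {2}, 4: {3}}
    # AS 1 is taken as the validating AS; it received (2 3 4) with prepending.
    prepared = prepare_path([2, 2, 3, 4], own_asn=1)
    print(prepared, "->", verify_path(example_aspa, prepared))   # valid
    # Constructed counter-case: 1 and 4 both attest other providers only,
    # so the extended rule catches 2 and 3 transiting for free.
    print([1, 2, 3, 4], "->", verify_path({1: {9}, 4: {9}}, [1, 2, 3, 4]))
```

The triple rule alone returns `unknown` for both segments of the second case, because each segment has one side that makes no attestation; the extended rule then turns the whole path `invalid`, since both ends (1 and 4) attest that their neighbour inside the run is not a provider.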



Regards,
Jakob.