Re: [xml2rfc] subsection failure
Robert Moskowitz <rgm@htt-consult.com> Thu, 23 April 2020 21:32 UTC
Return-Path: <rgm@htt-consult.com>
X-Original-To: xml2rfc@ietfa.amsl.com
Delivered-To: xml2rfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C51B33A1405 for <xml2rfc@ietfa.amsl.com>; Thu, 23 Apr 2020 14:32:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 45fUvhy0SMaI for <xml2rfc@ietfa.amsl.com>; Thu, 23 Apr 2020 14:32:01 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD7FA3A140A for <xml2rfc@ietf.org>; Thu, 23 Apr 2020 14:32:00 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 264F26221B; Thu, 23 Apr 2020 17:31:59 -0400 (EDT)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id O8Jtn7KhCht4; Thu, 23 Apr 2020 17:31:49 -0400 (EDT)
Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 43EDC6216A; Thu, 23 Apr 2020 17:31:49 -0400 (EDT)
To: Randy Bush <randy@psg.com>, XML2RFC Interest Group <xml2rfc@ietf.org>
References: <m21roedm1p.wl-randy@psg.com>
From: Robert Moskowitz <rgm@htt-consult.com>
Message-ID: <0e83776e-831a-1b9a-2a96-7026c0b25ee8@htt-consult.com>
Date: Thu, 23 Apr 2020 17:31:46 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0
MIME-Version: 1.0
In-Reply-To: <m21roedm1p.wl-randy@psg.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/xml2rfc/7vrxtqPP0K3s5K0BNJ_Bs7otdxA>
Subject: Re: [xml2rfc] subsection failure
X-BeenThere: xml2rfc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <xml2rfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/xml2rfc>, <mailto:xml2rfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/xml2rfc/>
List-Post: <mailto:xml2rfc@ietf.org>
List-Help: <mailto:xml2rfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xml2rfc>, <mailto:xml2rfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Apr 2020 21:32:03 -0000
My experience is that you cannot have text for a section after a subsection. It all must go before the subsection or be in its own subsection. On 4/23/20 3:44 PM, Randy Bush wrote: > why does including a subsection give me > > Error: Unable to validate the XML document: draft-ymbk-sidrops-rpki-rov-timing.xml > <string>: Line 105: Element section content does not follow the DTD, expecting ((t | figure | texttable | iref)* , section*), got (t section t t t t t t t t ) > make: *** [all] Error 1 > > if i pull it to a separate section it works. > > if i eliminte the paragraphs after the first </section> it works. > binary search elimination got me nothing > > <section anchor="intro" title="Introduction"> > > <t> > This document explores, and makes recommendations for, timing of > Resource Public Key Infrastructure (RPKI) publication of ROV data, > their propagation, and their use in Relying Parties (RP), caches > and routers. > </t> > > <section anchor="struct" title="Deployment Structure"> > <t> > The RPKI supply chain from CAs to reach routers has a structure > as follows: > </t> > <t> > <list style="hanging"> > > <t hangText="Cerification Authorities:"> > The authoritative data of the RPKI are published by a > distributed set of servers, Certification Authorities, at the > IANA, RIRs, NIRs, and ISPs (see <xref target="RFC6481"/>). > </t> > > <t hangText="Publication Points:"> > The CAs publish their authoritative data in publicly > accessible repositories which have a Publication Point (PP) > for each CA. > </t> > > <t hangText="Relying Parties:"> > Relying Parties are a local set of one or more collected and > verified caches of RPKI data which are collected from the PPs. > </t> > <t> > Note that RPs can pull from other RPs, thereby creating a > somewhat complex topology. > </t> > > <t hangText="Routers:"> > Validating routers fetch data from local caches using the RPKI > to Router Protocol, <xref target="I-D.ietf-sidrops-8210bis"/>. > Routers are clients of the caches. Validating routers MUST > have a trust relationship with, and a trusted transport > channel to, any RP(s) they use. <xref > target="I-D.ietf-sidrops-8210bis"/> specifies mechanisms for > the router to assure itself of the authenticity of the cache > and to authenticate itself to the cache. > </t> > </list> > </t> > </section> > > <t> > As Resource Public Key Infrastructure (RPKI) based Route Origin > Validation (ROV) becomes deployed in the Internet, the quality of > the routing control plane, and hence timely and accurate delivery > of packets in the data plane, depend more and more on prompt and > accurate propagation of the RPKI data from the originating > Certification Authorities (CAs), to Relying Parties (RPs), to > Border Gateway Protocol (BGP) speaking routers. > </t> > > <t> > Origin Validation based on stale ROAs allows accidental > mis-origination. While delays in ROA propagation to ROV in > routers can cause loss of good traffic. Therefore minimizing > propagation time of data from CAs to routers is critical. > </t> > > <t> > Before the data can start on the CA to router chain, the resource > holder (operator) MUST create or delete the relevant ROA(s) > through the CA's operational interface(s). The operator is > responsible for anticipating their future needs for ROAs, be aware > of the propagation time from creating ROAs to effect on routing, > and SHOULD create, delete, or modify ROAs sufficiently in advance > of any needs in the routing system. > </t> > > <t> > There are questions of how frequently a CA publishes, how often an > RP pulls, and how often routers pull from their RP(s). Overall, > the router(s) SHOULD react within an hour of ROA publication. > </t> > > <t> > For CAs publishing to PPs, a few seconds to a minute seems easily > achieved with reasonable software. See <xref target="publish"/>. > </t> > > <t> > Relying Party validating caches periodically retrieve data from CA > publication points. RPs using rsync to poll publication points > every ten minutes would be a burden today, given the load it would > put on publication services, cf. one notorious repository which is > structured against specification. RPs using RRDP impose no such > load. As the infrastructure moves from rsync to RRDP, fetching > every ten minutes would be reasonable. For rsync, an hour would > be the longest acceptable window. See <xref target="rp-pull"/>. > </t> > > <t> > For the BGP speaking router(s) pulling from the RP(s), five > minutes to an hour is a wide window. But, the RPKI-Rtr protocol > does have the Serial Notify PDU, the equivalent of DNS Notify, > where the cache tells the router that it has new data. See <xref > target="router-pull"/>. > </t> > > <t> > We discuss each of these in detail below. > </t> > > </section> > > _______________________________________________ > xml2rfc mailing list > xml2rfc@ietf.org > https://www.ietf.org/mailman/listinfo/xml2rfc
- [xml2rfc] subsection failure Randy Bush
- Re: [xml2rfc] subsection failure Robert Moskowitz
- Re: [xml2rfc] subsection failure Randy Bush
- Re: [xml2rfc] subsection failure Robert Moskowitz
- Re: [xml2rfc] subsection failure Randy Bush
- Re: [xml2rfc] subsection failure Robert Moskowitz
- Re: [xml2rfc] subsection failure Randy Bush
- Re: [xml2rfc] subsection failure Robert Moskowitz
- Re: [xml2rfc] subsection failure Carsten Bormann
- Re: [xml2rfc] subsection failure Nico Williams