11, 2011, at 13:37 MST, Christopher Morrow wrote:
On Fri, Feb 11, 2011 at 10:51 AM, Shane Amante sh...@castlepoint.net wrote:
Randy,
On Jan 30, 2011, at 20:40 MST, Randy Bush wrote:
3.3 As cryptographic payloads and loading on routers are likely to
seriously increase, a BGPsec design may
On Sun, Feb 13, 2011 at 7:49 AM, Russ White r...@cisco.com wrote:
I think, that today you receive a route in BGP, you believe it's
proper and pass it on. you have no real way to tell if the route was
Isn't this what NO_EXPORT is for? Is the entire point of this exercise
to encrypt one
On Sun, Feb 13, 2011 at 1:01 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
referencing all of the messages I've sent on this topic
(bgpsec-reqs-00 draft discussions) ... all said purely as a reader of
the draft and participant in the sidr wg...
co-chair-snuggie == off
thnx
On Sun, Feb 13, 2011 at 2:13 PM, Russ White r...@cisco.com wrote:
I think, that today you receive a route in BGP, you believe it's
proper and pass it on. you have no real way to tell if the route was
Isn't this what NO_EXPORT is for? Is the entire point of this exercise
to encrypt one
On Sat, Feb 12, 2011 at 6:19 AM, Randy Bush ra...@psg.com wrote:
Route filters in many ISPs are created and validated nightly and
pushed to routers if a filter change is needed.
That isn't usually done in real time. It is almost always done on
COTS hardware (not on the router it's self).
On Fri, Feb 11, 2011 at 11:41 AM, Tony Tauber ttau...@1-4-5.net wrote:
I'm also wondering on which provider routers Randy's seeing the need for
crypto and other HW upgrades.
If it's every router that carries full routes or terminates an external BGP
session, that can be a pretty big nut to
On Fri, Feb 11, 2011 at 12:21 PM, Smith, Donald donald.sm...@qwest.com wrote:
Route filters in many ISPs are created and validated nightly and pushed to
routers if a filter change is needed.
That isn't usually done in real time. It is almost always done on COTS
hardware (not on the router
On Thu, Feb 3, 2011 at 10:59 AM, Danny McPherson da...@tcb.net wrote:
On Feb 3, 2011, at 10:47 AM, Stephen Kent wrote:
I'm a bit puzzled by your final comment above.
Path secruity includes the origin AS, and the RPKI is the mechanism adopted
by SIDR to validate the origin AS assertion for
, Christopher Morrow
christopher.mor...@gmail.com wrote:
Howdy SIDR folk,
co-chair-underoos==on - spiderman!
So, apparently I (at least) had thought this was taken care of
sometime after the Maastricht in-person meeting where I believe Terry
said he'd write this doc, in that the WG had already decided
On Fri, Dec 3, 2010 at 1:14 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Fri, Dec 3, 2010 at 1:13 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Fri, Dec 3, 2010 at 12:03 PM, Karen Seo k...@bbn.com wrote:
Date: Fri, 3 Dec 2010 12:02:42 -0500
To: Andrei Robachevsky
On Sun, Oct 17, 2010 at 5:01 PM, Geoff Huston g...@apnic.net wrote:
At the risk of repeating myself again, the sooner the IDR WG deprecates
AS_SETs in the BGP spec, the better!
So... without my co-chair items of clothes on (for sidr at least, and
grow) ... there isn't a reliable and simple
SIDR Folk,
Please take 14 days (finishing 10/30/2010) to consider the subject
draft for WG LC. There was no chatter during it's last round of WG LC,
some final edits were done by the authors and ... it's time to decide.
-chris
(wg-co-chair-cycling-socks on)
This was sent along (the requested LC message) to the list today...
see you in 2 weeks (at decision time)
-chris
(wg-co-chair-cycling-shoes == on)
On Fri, Oct 15, 2010 at 1:38 AM, Geoff Huston g...@apnic.net wrote:
Let me try that once again!
The authors have revised the text relating to the
Hey, it was 14 days... (or more) no one dissented WG-item it is!
Sam, could you please spin a re-titled -00 into the process machine?
-Chris
(wg-co-chair-airplane-neck-pillow-on)
On Tue, Sep 14, 2010 at 3:14 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
(just a change in subject
On Wed, Sep 15, 2010 at 9:40 AM, Andy Newton a...@arin.net wrote:
On Sep 14, 2010, at 3:09 PM, Christopher Morrow wrote:
today is graveyard day...
Since reanimation seems to be the theme, is draft-ietf-sidr-arch dead or
undead? Its status is marked as expired.
I think this fell down due
SIDR-WG Folks,
Hey, pulling up a note from the grave, this seems to have gotten no
dissent so, could the authors (and implementors) go scrub the stink of
tls off?
-Chris
(wg-chair-scarf on)
On Mon, Aug 30, 2010 at 11:25 AM, Warren Kumari war...@kumari.net wrote:
On Aug 25, 2010, at 4:18 AM,
It seems that the alt-doc has some revising to be done though adoption
by the WG seems like the right path here. Some author-author
discussion is being done, with some doc updates. I think the WG wants
this to be at LC in/before Bejing. We have a month to do that work.
Unless there are complaints
today is graveyard day...
Could the WG mailing-list folks discuss this for adoption please,
given no more discussion in the next 14 days we'll move ahead with
adopting it, I think.
-Chris
(wg-co-chair tie on)
On Sat, Jul 31, 2010 at 10:28 AM, Warren Kumari war...@kumari.net wrote:
Hi there
(moving this to the other thread as well, and i dont' see the
discussion on-list so .. thanks for the vote!)
-chris
On Tue, Sep 14, 2010 at 3:14 PM, Randy Bush ra...@psg.com wrote:
Could the WG mailing-list folks discuss this for adoption please,
i think we have been here before. but clearly
On Wed, Sep 8, 2010 at 10:04 AM, Rob Austein s...@isc.org wrote:
I don't see any locking strategy (either modifying rsync or creating a
new RPKI object to represent a lock) as likely to work. I can go into
details if necessary, but in short there are just too many different
ways that a
On Thu, Jul 29, 2010 at 4:14 AM, Robert Kisteleki rob...@ripe.net wrote:
On 2010.07.28. 17:54, Sandra Murphy wrote:
The problem is the possibility that not accommodating legitimate BGP
updates
might result in opportunities for bad guys to get around protections.
IMO that's not the problem.
On Thu, Jul 29, 2010 at 4:14 AM, Sriram, Kotikalapudi
kotikalapudi.sri...@nist.gov wrote:
The point of my presentation was that we can treat updates with AS_SETs
duly and in accordance with RFC 4271.
No protocol modification is required.
We need not look inside the AS_SET, and also we would
On Thu, Jul 29, 2010 at 5:41 AM, Sriram, Kotikalapudi
kotikalapudi.sri...@nist.gov wrote:
Thanks, Jeff.
One more clarification request:
What do you mean when you say first non-sequence AS?
Example:
AS path : ASN3 ASN2 ASN1 [ASN25, ASN26] AGGREGATOR: AS1
Here [ASN25, ASN26] is the AS_SET.
On a serious note(s):
o what harm does it due to just not accept these routes (globally)
and force folks to actually do the proper thing with their routers?
o how would that change if these routes could not be validated and
just lived on in the 'unknown' state?
(regular-joe-hat)
-Chris
On Wed,
On Fri, Mar 19, 2010 at 8:12 PM, Randy Bush ra...@psg.com wrote:
max-len is at the choice of the issuer of the roa. it is a macro so
they do not have to issue all the smaller roas. if they don't want the
longer prefixes announced, then they should not issue the roas, whether
as individual
On Tue, Sep 22, 2009 at 11:27 AM, Smith, Donald donald.sm...@qwest.com wrote:
Difficult to sell is putting it mildly.
Most ISPs don't run CAs today nor do they have the infrastructure to do so.
Neither will they want to turn over any aspect of routing control to a 3rd
party.
As a small
On Mon, Sep 21, 2009 at 6:29 PM, Jeffrey I. Schiller j...@mit.edu wrote:
On Mon, Sep 21, 2009 at 08:41:36PM +0200, Robert Kisteleki wrote:
I'm sorry for pointing out the obvious, but in _any_ system where you
receive a certificate from someone else -- like it or not -- that someone
else will
On Mon, Sep 21, 2009 at 11:57 PM, Jeffrey I. Schiller j...@mit.edu wrote:
On Mon, Sep 21, 2009 at 06:49:26PM -0400, Christopher Morrow wrote:
sure, and as it happens you can also have more than one certificate
for mozilla.com which is 'bad'.
Exactly how is this bad? Sure for S/MIME
On Fri, Sep 11, 2009 at 5:53 PM, David Conrad d...@virtualized.org wrote:
On Sep 7, 2009, at 9:12 AM, Randy Bush wrote:
[1] - what i have seen in the sidr wg has driven me into the group which
is extremely concerned about the rirs controling routing given
their clear lack of altruism
On Mon, Aug 10, 2009 at 2:42 AM, Terry
Mandersonterry.mander...@icann.org wrote:
On 10/08/09 4:17 PM, Randy Bush ra...@psg.com wrote:
and this is difficult why?
Not saying its difficult. Saying its a block to deployment for a LIR who has
customers that originate the assigned prefix from
301 - 330 of 330 matches
Mail list logo