Re: [sidr] Opsdir last call review of draft-ietf-sidrops-rtr-keying-02

BCP seems like a fine answer here, I'm not remembering why we would have swapped to ST from BCP. On Wed, Dec 26, 2018 at 11:12 AM Warren Kumari wrote: > [ + Sandy, Alvaro ] > > On Wed, Dec 26, 2018 at 9:51 AM Scott Bradner wrote: > >> that use of a MUST is commendable but its not exactly an

Re: [sidr] I-D Action: draft-ietf-sidr-rtr-keying-16.txt

Howdy sidrops folks, this document was left hanging in SIDR, it probably was better fit to sidr-ops, so let's get Sean to re-spin a re-named document, auto-adopt that and chat up any changes/etc between now and 'meeting time' ? Ideally we can turn around after the meeting breaks and WGLC this

Re: [sidr] [Editorial Errata Reported] RFC6487 (5190)

spare > seems spare... On Tue, Nov 28, 2017 at 9:19 AM, RFC Errata System < rfc-edi...@rfc-editor.org> wrote: > The following errata report has been submitted for RFC6487, > "A Profile for X.509 PKIX Resource Certificates". > > -- > You may review the report

Re: [sidr] Mirja Kühlewind's No Objection on draft-ietf-sidr-bgpsec-ops-12: (with COMMENT)

On Tue, Jan 3, 2017 at 6:31 PM, Randy Bush wrote: > >> ok, i have had coffee. > >> > >> as a bif gedanken experiment, posit a global registry where r0 can say > >> "i can speak bgpsec." i am a distant r1 and receive an unsigned path > >> with r0 in it. > >> o did someone before

Re: [sidr] Current document status && directionz

is desirable to bring about inputs and comments to conclude > this work. > > if we're just haggling on format... then let's try to finish here? How about we give it until ~monday for comments here, then start WGLC if no comments/movement? > > Di > > > > 在 2016年12月1日，02:33，Chr

Re: [sidr] Current document status && directionz

And again, restarting... post meeting and post travel refocusing :) On Wed, Oct 26, 2016 at 11:35 AM, Christopher Morrow < morrowc.li...@gmail.com> wrote: > Restarting this thread, with some updates :) > > Preparing for Seoul in a few weeks time, with the intent that we do

Re: [sidr] Agenda Upload

FYI: Draft Agenda updated, happy to accept changes still :) On Tue, Nov 8, 2016 at 7:00 PM, Declan Ma wrote: > +1. > > Intriguing! > > I was considering how inter-chche works. > > Di > > > 在 2016年11月8日，13:26，Randy Bush 写道： > > > > i stil think we should be doing

Re: [sidr] Current document status && directionz

On Wed, Oct 26, 2016 at 11:18 PM, Randy Bush wrote: > > Currently we have the following in IESG/pub-request status (13 > documents): > > draft-ietf-sidr-adverse-actions > > draft-ietf-sidr-as-migration > > draft-ietf-sidr-bgpsec-algs > > draft-ietf-sidr-bgpsec-ops > >

Re: [sidr] Current document status && directionz

Restarting this thread, with some updates :) Preparing for Seoul in a few weeks time, with the intent that we do not meet face-to-face in Chicago, have all current 'protocol' related docs to the IESG/done and meet instead in sidr-ops if there are agenda items at that time :) Currently we have

Re: [sidr] WGLC - draft-ietf-sidr-rpki-validation-reconsidered - ends 10/25/2016

I'll prepare the shepherd doc and await an ack/nack to this mail before pushing forward to IESG. On Wed, Oct 26, 2016 at 11:32 AM, Tim Bruijnzeels wrote: > Hi Sean, Tom, Russ, and all, > > Sorry for bringing this up late. Technically past 25 October, and yes I > would like to see

Re: [sidr] WGLC - draft-ietf-sidr-rpki-validation-reconsidered - ends 10/25/2016

howdy! it's past 10/25, so... I think despite seeing only 2 folk reply I think this document should move forward, so I'll send up a pub-request shortly. On Tue, Oct 25, 2016 at 11:13 PM, Sriram, Kotikalapudi (Fed) < kotikalapudi.sri...@nist.gov> wrote: > I read the draft once again. I support

Re: [sidr] WGLC - draft-ietf-sidr-delta-protocol - 10/25/2016

Considering this protocol is run over https it > seems like a step in the right direction away from unsecured rsync. So the > idea seems sensible and after re-reading the draft I think we are a go for > launch [0]. > > spt > > [0] https://www.youtube.com/watch?v=zVf-rehP4b8 > > &

Re: [sidr] wglc for draft-ietf-sidr-adverse-actions-00

Howdy folks! This WGLC ended up being a bit more of a long discussion than I anticipated... I think since this WGLC there have been 2 document updates to catch comments/concerns/etc and I think deal with them properly. I don't see anymore chatter for this document after 9/2/2016, so I think we

Re: [sidr] Seoul/IETF97 Meeting Agenda Request

Howdy! So far, with 20 days to go.. there are 2 folk asking for time... (or possibly I didn't document requests which is totally possible!) If your name isn't Declan Ma or Joel Jaeggli and you had plans to present something in Seoul, please contact the sidr-cha...@ietf.org for scheduling! -chris

Re: [sidr] WGLC - draft-ietf-sidr-delta-protocol - 10/25/2016

Howdy! 5 more days until this call expires, please read and comment... or at least say: "Hey! I did read this it is [awesome|horrible|acceptable|dumpsterfire]" thanks! -chris (feel free to cut/paste/edit the quote if it'll save you time) On Tue, Oct 11, 2016 at 10:15 AM, Chris Morrow

Re: [sidr] WGLC - draft-ietf-sidr-rpki-validation-reconsidered - ends 10/25/2016

Howdy WG Folks! Have we read this document and do we have opinions on it's intended status/direction/content/the-moon? Thanks! (5 days til timers go off) -chris On Tue, Oct 11, 2016 at 10:08 AM, Chris Morrow wrote: > Howdy WG folks! > The authors of: >

Re: [sidr] WGLC - draft-ietf-sidr-publication - ENDS: 08/18/2016 - August 18, 2016

pub request sent. On Wed, Sep 21, 2016 at 5:34 PM, Christopher Morrow <morrowc.li...@gmail.com > wrote: > Hey! vacation wasn't really this long, but... how about we call this > finished, successful and I send along a pub request upstream. > > On Tue, Aug 23, 2016 at 10:40 AM,

Re: [sidr] WGLC - draft-ietf-sidr-publication - ENDS: 08/18/2016 - August 18, 2016

Hey! vacation wasn't really this long, but... how about we call this finished, successful and I send along a pub request upstream. On Tue, Aug 23, 2016 at 10:40 AM, Christopher Morrow < morrowc.li...@gmail.com> wrote: > great! once I get back to the office (monday) I'll send out the

Re: [sidr] Current document status && directionz

On Thu, Sep 8, 2016 at 1:47 PM, David Conrad wrote: > Chris, > > sure... I think sriram may cover this in his document about the decision > processes which lead to where we are today. > > I think, one way to look at the document and situation is this: > o community folks

Re: [sidr] Current document status && directionz

On Thu, Sep 8, 2016 at 9:32 AM, Heasley wrote: > > > Am 08.09.2016 um 00:42 schrieb Randy Bush : > > >> Or maybe there's pushback that says: "Hey, I hear what you all in the > >> rir want, but it's not cool, please please let's dive back into the > >> politics

Re: [sidr] Current document status && directionz

On Wed, Sep 7, 2016 at 10:55 AM, Andrew de la Haye <andr...@ripe.net> wrote: > > On 07 Sep 2016, at 16:42, Christopher Morrow <morrowc.li...@gmail.com> > wrote: > > > > On Wed, Sep 7, 2016 at 12:07 AM, Rob Austein <s...@hactrn.net> wrote: > >> At Tu

Re: [sidr] Current document status && directionz

On Wed, Sep 7, 2016 at 12:07 AM, Rob Austein <s...@hactrn.net> wrote: > At Tue, 6 Sep 2016 22:48:07 -0400, Christopher Morrow wrote: > > > > (note, I do not care for this message about politics) > > Understood, with the caveat that since it's the politics which are &g

Re: [sidr] Current document status && directionz

On Tue, Sep 6, 2016 at 6:00 PM, Rob Austein wrote: > I guess one question here is the purpose of publishing this document: > > a) If the purpose of asking the WG to publish is a hope that the WG >will agree that this is a good idea, then I'm with Randy and Steve >in the

Re: [sidr] adverse actions -01 posted

On Tue, Aug 2, 2016 at 3:54 PM, Stephen Kent wrote: > Randy > >> Tim offered no suggestion for a different term, which is not helpful. > the suggestion was "unwanted". >>> I reread Tim's message; I don't interpret it as having suggested >>> "unwanted" as an

Re: [sidr] Proposal for next steps - chartering sidrops?

routing-ads -> rtg-ads. On Tue, Aug 23, 2016 at 10:32 AM, Christopher Morrow < morrowc.li...@gmail.com> wrote: > (fixed sidr-chairs, don't know routing-ads alias, apparently) > > On Tue, Aug 23, 2016 at 10:22 AM, Christopher Morrow < > morrowc.li...@gmail.com> wrote: &

Re: [sidr] WGLC - draft-ietf-sidr-publication - ENDS: 08/18/2016 - August 18, 2016

great! once I get back to the office (monday) I'll send out the upstream request. On Mon, Aug 22, 2016 at 8:14 AM, Oleg Muravskiy wrote: > > > On 17 Aug 2016, at 01:35, Samuel Weiler wrote: > > > > On Tue, 2 Aug 2016, Chris Morrow wrote: > > > >> Please

Re: [sidr] Proposal for next steps - chartering sidrops?

(fixed sidr-chairs, don't know routing-ads alias, apparently) On Tue, Aug 23, 2016 at 10:22 AM, Christopher Morrow < morrowc.li...@gmail.com> wrote: > The changes from Carlos seem ok to me, and declan's points about ca/rir > also seem on point. > thanks! (for fixing the clearly

Re: [sidr] Proposal for next steps - chartering sidrops?

The changes from Carlos seem ok to me, and declan's points about ca/rir also seem on point. thanks! (for fixing the clearly network centric text!) On Mon, Aug 22, 2016 at 5:03 PM, joel jaeggli wrote: > On 8/17/16 7:43 PM, Declan Ma wrote: > > Joel, > > > > When we are talking

Re: [sidr] WGLC - draft-ietf-sidr-publication - ENDS: 08/18/2016 - August 18, 2016

terrific! one vote! more? :) (sandy's right some more folk checking through would be good, we collected a bunch of heat about needing a different option than the original transport, now we possibly have one...) On Fri, Aug 12, 2016 at 8:10 PM, Randy Bush wrote: > have read.

Re: [sidr] I-D Action: draft-ietf-sidr-publication-08.txt

Ok, since we have cycled this document a few times and the last set(s) of comments were dealt with, I'm going to send a WGLC note, let's get chatty on that thread? On Mon, Mar 28, 2016 at 1:12 PM, Samuel Weiler wrote: > On Mon, 21 Mar 2016, Rob Austein wrote: > > Protocol

Re: [sidr] two stranded docuemnts - stake time

On Fri, Jul 22, 2016 at 8:16 AM, Randy Bush wrote: > > 1) use-cases - decide on tweaks & rev-document: Aug 1 > > review and WGLC Aug 14 > > send to IESG Sept 1 > > do we have a concise issue list (other than steve not liking the style > used)?

Re: [sidr] FW: I-D Action: draft-ietf-sidr-bgpsec-protocol-17.txt

thanks! :) On Thu, Jun 23, 2016 at 10:42 AM, Sriram, Kotikalapudi (Fed) < kotikalapudi.sri...@nist.gov> wrote: > Many thanks to John Scudder for a very careful review of version-15 of the > draft. > He offered an excellent set of editorial comments to the document editors > and shepherd. > His

Re: [sidr] working group adoption call for draft-kklf-sidr-route-server-rpki-light-01

On Thu, May 5, 2016 at 5:16 PM, Carlos M. Martinez <carlosm3...@gmail.com> wrote: > hey! > > On 5/5/16 3:30 PM, Christopher Morrow wrote: > > > I think it's an interesting topic to discuss, I'm a little worried > > > that: "Because the third p

Re: [sidr] working group adoption call for draft-kklf-sidr-route-server-rpki-light-01

(as a working group person) I think it's an interesting topic to discuss, I'm a little worried that: "Because the third party said things are 'ok' I'll believe things are ok!" mostly because I don't see a clear method to ensure that 'third party' has: 1) up-to-date information 2) my best

Re: [sidr] BGPSec RFC status

​ howdy, it's past 4/29/2016 || 29/4/2016 || Mar 29 2016... and from the discussion on-list and mostly in the room in EZE, it appears: "Please maintain Proposed Standard as the track for SIDR work." i think this closes out the discussion. thanks for deliberating and discussing this topic!

Re: [sidr] BGPSec RFC status

There's been some good discussion on this, i think we (chairs) didn't expect the list to jump on this without some prompting... but it's nice to see :) So, in service of 'coming to a decision' I think we should debate/discuss for another bit, and close discussion Fri 4/29/2016 - April 29th 2016.

Re: [sidr] BGPSec RFC status

On Thu, Apr 14, 2016 at 10:05 PM, Russ White <7ri...@gmail.com> wrote: > > > snmp, netconf, yang, ... heck even cops played in the space > > > > when your so-bgp, 15 years in the non-making, is mature as a document > set, > > with two or more implementations, i'll support it for standards track,

Re: [sidr] I-D Action: draft-ietf-sidr-as-migration-04.txt

howdy! On Tue, Dec 1, 2015 at 11:38 AM, Christopher Morrow <morrowc.li...@gmail.com> wrote: > On Tue, Dec 1, 2015 at 11:29 AM, Christopher Morrow > <morrowc.li...@gmail.com> wrote: >> Unless the commentors speak up in the next 2-3 days I'll kick this >> forwa

Re: [sidr] I-D Action: draft-ietf-sidr-as-migration-04.txt

Unless the commentors speak up in the next 2-3 days I'll kick this forward to the IESG for publication... On Fri, Oct 16, 2015 at 12:01 PM, George, Wes wrote: > I believe that this draft is complete and ready to move forward. This > version addresses AD-review comments

Re: [sidr] I-D Action: draft-ietf-sidr-as-migration-04.txt

On Tue, Dec 1, 2015 at 11:29 AM, Christopher Morrow <morrowc.li...@gmail.com> wrote: > Unless the commentors speak up in the next 2-3 days I'll kick this > forward to the IESG for publication... For those that like precise dates: dec 3 2015 2200 UTC (or there abouts) > > On

Re: [sidr] Validation Reconsidered (again/again) question

On Mon, Nov 23, 2015 at 5:13 PM, Christopher Morrow <morrowc.li...@gmail.com> wrote: > Pinging this thread to catch anyone who didn't reply but had thoughts > I'd like to close this out tomorrow before 5pm EST (10pm UTC). > Damn my lack of date specificity!! To be clear, I

Re: [sidr] Validation Reconsidered (again/again) question

Pinging this thread to catch anyone who didn't reply but had thoughts I'd like to close this out tomorrow before 5pm EST (10pm UTC). thanks! -chris On Sat, Nov 21, 2015 at 9:24 AM, Randy Bush wrote: >> the intent is an appropriate change to improve robustness of the >> system. >

[sidr] Validation Reconsidered (again/again) question

Please take 2 weeks time to consider: "This document was adopted as a WG work item, should we accept this change and complete the work or not?" where: 'this document' is: I'll close the mic line on: 11/20/2015

Re: [sidr] Validation reconsidered draft status

hurray! ambiguity in questions was raised by an interested party... I'd rather do this Friday at the end of the meeting with a short presentation/conversation. -chris On Tue, Nov 3, 2015 at 8:21 PM, Christopher Morrow <christopher.mor...@gmail.com> wrote: > During the meeting today (

[sidr] Validation reconsidered draft status

During the meeting today (tues 11/3/2015) one of the authors of: draft-ietf-sidr-rpki-validation-reconsidered noted that after the last set of updates and over the history of the document (2+yrs) there's been no real support nor direction from the working-group. Additionally, all co-authors

Re: [sidr] [Idr] Route Leaks and solutions

I think I see the current plan as a it challenging to depend upon... If the RLP bit is dependent upon ops folks getting the right config-bit set for each customer we would want that to be as much automated as possible so there would be the least chance for 'forgot to set the bit' or 'set bit

Re: [sidr] New Version: draft-ietf-sidr-bgpsec-protocol-12

I think this means you are asking for a WGLC, yes? If so we can ship a note to the list (here) about that... On Mon, Jun 15, 2015 at 12:41 AM, Matthew Lepinski mlepinski.i...@gmail.com wrote: I have submitted a new version of the BGPsec protocol specification. This version includes some minor

Re: [sidr] LTA Management and friend(s): draft-ietf-sidr-ltamgmt

An off-list post reminded me: draft-ietf-sidr-lta-use-cases-02.txt is still of interest and probably should get worked on prior to slurm. (at least so we know why we'll be interested in slurm) On Mon, Jun 1, 2015 at 5:11 PM, m...@islandpeaksoftware.com wrote: LTAmgmt: destroy it, destroy it

Re: [sidr] Correction re: draft-ietf-sidr-lta-use-cases

could I suggest that: A ... is a bit rough on the reader in sentences like: A wants to re-route traffic from these organizations... A what? a giraffe? oh! Entity-A (or Network-A).. maybe change 'A' to 'Entity-A' or 'Network-A' ? Also there's a sad choice of time to use a pronoun in your

Re: [sidr] AD review and progressing draft-ietf-sidr-as-migration-02

sounds like a good topic for the mic/front/preso in dallas... to me at least. On Sat, Feb 7, 2015 at 9:34 AM, George, Wes wesley.geo...@twcable.com wrote: I posed some questions about this in my WGLC review of bgpsec spec, but haven't heard anything back. Current schedule has this being

Re: [sidr] New version : draft-ietf-sidr-bgpsec-protocol-10

On Mon, Nov 24, 2014 at 3:08 PM, Smith, Donald donald.sm...@centurylink.com wrote: Wouldn't GTSM and tcp-ao help with DOS attacks? I think this was focused only on the uplift to bgp that bgpsec is supposed to be, so the assumption was/is that you'd already be doing 'bgp best practices'.

Re: [sidr] [Idr] A note from today's IDR/SIDR joint meeting - RPKI-RTR protocol document

On Mon, Nov 17, 2014 at 4:32 AM, Roque Gagliano (rogaglia) rogag...@cisco.com wrote: Chis, The document is now RFC 6912 published as BCP. great! (I should have looked further along the line in the tools page I bet) Regards, Roque On 14/11/14 21:00, Christopher Morrow christopher.mor

[sidr] A note from today's IDR/SIDR joint meeting - RPKI-RTR protocol document

The topic of getting 'rpki data to routers' is covered in the 'rpki-rtr' document: RFC6810 - http://tools.ietf.org/html/rfc6810 and: http://tools.ietf.org/wg/sidr/draft-ietf-sidr-rpki-rtr-rfc6810-bis/ -chris ___ sidr mailing list sidr@ietf.org

Re: [sidr] A note from today's IDR/SIDR joint meeting - RPKI-RTR protocol document

Also there was a question (from hannes?) about algorithm change processes and timelines.. that's covered in: https://tools.ietf.org/html/draft-ietf-sidr-algorithm-agility-12 -chris On Fri, Nov 14, 2014 at 2:50 PM, Christopher Morrow christopher.mor...@gmail.com wrote: The topic of getting

Re: [sidr] Violation of RFC 6811 - Route Selection Algorithm Due To RPKI State

On Tue, Nov 11, 2014 at 1:17 AM, Mark Tinka mark.ti...@seacom.mu wrote: Hello all. In operating RPKI on Cisco IOS and IOS XE devices, we note that this vendor is deliberately making BGP best path decisions based on RPKI state of a route without the explicit input of operator-based routing

Re: [sidr] WGLC - draft-ietf-sidr-as-migration

Seeing some more folk comment on this, and seeing that the IDR pair document: draft-ietf-idr-as-migration-03 is headed out to publication request as well, let's close this WGLC and move this document along as well. -chris On Tue, Sep 30, 2014 at 10:28 AM, George, Wes wesley.geo...@twcable.com

Re: [sidr] WGLC - draft-ietf-sidr-as-migration

it's helpful to migrating operational networks together... in a land where SIDR is in play) On Fri, Sep 12, 2014 at 10:29 AM, Christopher Morrow morrowc.li...@gmail.com wrote: Boo! people ought to read and write.. it's friday! take some time to review and make sure there's not like mistakes

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

probably shorter than this step) process. Thanks for bearing with the process so far... -chris co-chair-person On Wed, May 21, 2014 at 3:59 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Wed, May 21, 2014 at 3:53 PM, Randy Bush ra...@psg.com wrote: ok, so we're just holding on roque

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

On Wed, May 21, 2014 at 3:18 PM, George, Wes wesley.geo...@twcable.com wrote: On 5/20/14, 10:38 AM, Randy Bush ra...@psg.com wrote: we got past folk looking up 'per se' in their dictionaries. Well not exactly, since that was never the initial problem. I just decided not to make an issue

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

On Wed, May 21, 2014 at 3:53 PM, Randy Bush ra...@psg.com wrote: ok, so we're just holding on roque then? no. i know how to deal with that one. but i do not want to make multiple updates. so waiting for wglc to finish (actually, i think it timed out already), so i can issue one hack. yes,

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

i didn't update the tracker... (i hadn't ever in the past). Did we circle down on an answer for the leak/persay language that everyone's happy with? If so I'd like to push out a pub request today. On Tue, May 20, 2014 at 9:52 AM, Randy Bush ra...@psg.com wrote: funny. datatracker does not show

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

On Tue, May 20, 2014 at 10:38 AM, Randy Bush ra...@psg.com wrote: i didn't update the tracker... (i hadn't ever in the past). uh, that is between you and the datawhacker Did we circle down on an answer for the leak/persay language that everyone's happy with? If so I'd like to push out a pub

Re: [sidr] Questions about draft-huston-rpki-validation-01

On Tue, May 20, 2014 at 8:10 AM, Geoff Huston gih...@gmail.com wrote: On 20 May 2014, at 4:38 am, Christopher Morrow morrowc.li...@gmail.com wrote: It's unclear to me what would happen if you split this into a prefix/asn per cert and just carried more certs in your purse. Why would I

Re: [sidr] Questions about draft-huston-rpki-validation-01

On Thu, Apr 17, 2014 at 11:35 AM, Tim Bruijnzeels t...@ripe.net wrote: Certificate 1: {10.0.0.0/12, AS64501, AS64505, AS64509} (TA certificate) Certificate 2: {10.0.0.0/22, AS64501, AS64505, AS64511} Certificate 3: {10.0.0.0/20, AS64501, AS64509} It's unclear to me what would happen if you

Re: [sidr] WGLC for draft-ietf-sidr-origin-validation-signaling-04

On Mon, May 5, 2014 at 12:10 PM, Roque Gagliano (rogaglia) rogag...@cisco.com wrote: Sandra, I support this document moving forward to the IESG. I read the document as part of the WGLC process and I believe the text is ready for publication. My only question is a formality from Section 3

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

On Mon, May 5, 2014 at 12:41 PM, Randy Bush ra...@psg.com wrote: 3.14 While the trust level of a route should be determined by the BGPsec protocol, local routing preference and policy MUST then be applied to best path and other routing decisions. Such mechanisms

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

coming back to this discussion... On Fri, Feb 7, 2014 at 10:17 PM, Randy Bush ra...@psg.com wrote: perhaps people should use a dictionary and look up per se. (from dictionary.com, or wherever bing.com 'define per se' comes from) per se 1. by or in itself or themselves; intrinsically. so, as I

Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-reqs

On Mon, Apr 14, 2014 at 11:00 AM, Randy Bush ra...@psg.com wrote: while checking the docco, i found 3.14 While the trust level of a route should be determined by the BGPsec protocol, local routing preference and policy MUST then be applied to best path and other routing

[sidr] BGPSEC Algorithms document missing a clear reference?

It was pointed out in passing (hallway/table conversation) that in: draft-ietf-sidr-bgpsec-algs-05 (at least 05) there's this text in section 2: NOTE: The exception to the above hashing algorithm is the use of SHA-1 [SHS] when CAs generate authority and subject key identifiers

Re: [sidr] [GROW] I-D Action: draft-ietf-grow-simple-leak-attack-bgpsec-no-help-03.txt

Cc: Christopher Morrow; g...@ietf.org g...@ietf.org Subject: Re: [GROW] I-D Action: draft-ietf-grow-simple-leak-attack-bgpsec-no-help-03.txt If you are referring to the proposal that valley free paths are all instances of unintended routing, then as I recall there is a line of argument

Re: [sidr] Last Call: draft-ietf-sidr-origin-ops-21.txt (RPKI-Based Origin Validation Operation) to Best Current Practice

On Thu, Sep 26, 2013 at 5:19 PM, George, Wes wesley.geo...@twcable.com wrote: [WEG] close enough, ship it. hurray! :) (I'm also ok with the last edit buffer fun) thank wes and randy for a fun discussion. -chris ___ sidr mailing list sidr@ietf.org

Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00

On Wed, Sep 18, 2013 at 3:16 PM, Murphy, Sandra sandra.mur...@parsons.com wrote: Looks like this is the final word. Consensus of the wglc is that the document is good to go, with revisions. Draft authors, could you please submit a new version with the wording suggested below?

Re: [sidr] Last Call: draft-ietf-sidr-origin-ops-21.txt (RPKI-Based Origin Validation Operation) to Best Current Practice

On Wed, Sep 25, 2013 at 12:38 PM, George, Wes wesley.geo...@twcable.com wrote: From: christopher.mor...@gmail.com [mailto:christopher.mor...@gmail.com] [CLM] In the RPKIcache example, 'consumer' is 'routers in your network'. 'Close' is 'close enough that bootstrapping isn't a problem',

Re: [sidr] Last Call: draft-ietf-sidr-origin-ops-21.txt (RPKI-Based Origin Validation Operation) to Best Current Practice

On Tue, Sep 24, 2013 at 12:26 PM, George, Wes wesley.geo...@twcable.com wrote: From: Randy Bush [mailto:ra...@psg.com] i think the two paragraphs you would like to see improved are [snip] i am not against further explanation, send text. but short text. :) [WEG] just the first paragraph

Re: [sidr] Suspenders, redux

great, thanks! I hope we can all have a read through prior to vancouver and plan to discuss this there. On Tue, Sep 10, 2013 at 7:23 AM, Stephen Kent k...@bbn.com wrote: Whoops. I forgot to include the URL for Suspenders: http://www.ietf.org/id/draft-kent-sidr-suspenders-00.txt

Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-threats-06.txt

On Fri, Sep 6, 2013 at 4:38 PM, Stephen Kent k...@bbn.com wrote: Dave, Fair questions for a somewhat complex environment. SIDR develops security standards for inter-domain routing, working within the context of BGP standards developed by IDR. GROW has more of an operations focus, and is

Re: [sidr] LTAM Discussion and questions

On Thu, Aug 15, 2013 at 5:38 PM, Stephen Kent k...@bbn.com wrote: Chris, I agree with several of the folks who commented about the LTAMv2 presentation and your call for comments. We need to provide an updated description of the problems we are trying to address, and details of how we

Re: [sidr] Princeton University:: Impacting IP Address Reachability via RPKI Manipulations

On Tue, Apr 2, 2013 at 1:59 PM, Stephen Kent k...@bbn.com wrote: Danny, The architecture permits overlapping allocations to accommodate transfers that involve address space that is in use. I've been told by several operators that, for this sort of transfer, such overlap is required.

Re: [sidr] comments on the repository analysis I-D

On Thu, Mar 21, 2013 at 6:09 AM, Oleg Muravskiy o...@ripe.net wrote: Hi Christopher, Christopher Morrow wrote: Comment 1 (also related with 44): I agree that ISPs may operate caches in behalf end-users ASNs, but also I think that more than 1 cache may be operated by a single ISP. Imagine

Re: [sidr] comments on the repository analysis I-D

On Thu, Mar 21, 2013 at 11:43 AM, Randy Bush ra...@psg.com wrote: In our analysis we associate number of CAs in the global RPKI with the number of distinct IP resource holders. sure, and as a proxy for that 'AS Operator', it's not a 1:1 correlation to be sure but it should be reasonably close,

Re: [sidr] comments on the repository analysis I-D

On Thu, Mar 21, 2013 at 1:55 PM, Randy Bush ra...@psg.com wrote: I have, a model that says: If you want to publish a ROA, you need to have a CA and you need to run a publication point land this a roa and a CA). Wherever did you get that? I figured in the worst case you'd end up with 1:1... I

Re: [sidr] comments on the repository analysis I-D

On Thu, Mar 21, 2013 at 4:42 PM, Danny McPherson da...@tcb.net wrote: On 2013-03-21 14:29, Chris Morrow wrote: TODAY it reduces the number, yes. 100% agree. TOMORROW the number of repositories, even those which are 'hosted' will be split up by name and/or ip-address... I have a feeling

Re: [sidr] comments on the repository analysis I-D

On Thu, Mar 21, 2013 at 5:42 PM, Danny McPherson da...@tcb.net wrote: so, to me, this is just 'more objects with a tight(er) timeframe on delivery' right? meaning: today you have (for sake of the conversation) relatively static content in the repository, where data changes 1/2/3

Re: [sidr] comments on the repository analysis I-D

I'm not a fan of word in general.. but this comment numbering rules ;) On Mon, Mar 18, 2013 at 10:33 AM, Arturo Servin arturo.ser...@gmail.com wrote: Hi, Some comments about Steve comments: Comment 1 (also related with 44): I agree that ISPs may operate caches in behalf end-users

Re: [sidr] comments on the repository analysis I-D

On Mon, Mar 18, 2013 at 12:22 PM, Bryan Weber brweb...@yahoo.com wrote: Anyway, as someone who has considered this in the past I just wanted to document some of my thoughts regarding the idea. awesome, thanks! I didn't imagine one monolithic repository, but one per pub-point.. I don't think

Re: [sidr] ORIGINs

On Tue, Mar 12, 2013 at 9:38 AM, Matthew Lepinski mlepinski.i...@gmail.com wrote: A quick clarification: The current BGPSEC protocol specification can easily be modified to protect the ORIGIN attribute. (That is, prevent it from being modified by intermediate ASes.) I can very quickly put out

Re: [sidr] ORIGINs

On Sun, Mar 10, 2013 at 12:00 PM, Danny McPherson da...@tcb.net wrote: On 2013-03-08 11:10, Murphy, Sandra wrote: In reviewing the discussions about the threat document, the wg eventual consensus wrt one topic was not clear to the chairs. The ORIGIN attribute was mentioned by some as having

Re: [sidr] slight whoops ...

On Thu, Mar 7, 2013 at 3:25 PM, Danny McPherson da...@tcb.net wrote: On 2013-03-07 13:18, Christopher Morrow wrote: please click on this link to accept my TOS: https://badplace.com/malwareCPS.cps.doc.exe.pdf.gif That could be included anywhere - and if it's in a resource certificate

Re: [sidr] WGLC: draft-ietf-sidr-cps (end 2013-03-07 - Mar 07, 2013)

: I'll go along with that. I'm not seeing any major structural alterations to the draft (at this stage) by doing that. Cheers, Terry On 02/03/2013, at 2:37 AM, Christopher Morrow morrowc.li...@gmail.com wrote: Great... so assuming the authors deal with this set of comments we'll ask

Re: [sidr] WGLC: draft-ietf-sidr-cps (end 2013-03-07 - Mar 07, 2013)

Great... so assuming the authors deal with this set of comments we'll ask them to spin a new version and submit that for WGLC when it arrives? Does that seem like a good path for those still listening? -chris co-chair-1-of-3 On Thu, Feb 28, 2013 at 9:30 AM, Sean Turner turn...@ieca.com wrote:

Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-threats-04.txt

On Tue, Jan 22, 2013 at 10:07 AM, Eric Osterweil eosterw...@verisign.com wrote: snip - I also don't understand how the text in this (a threats document) can claim that route leaks are beyond the scope of PATHSEC in a fait accompli manner... This is a threats document, right? This is a

[sidr] Fwd: [OPSEC] I-D Action: draft-ietf-opsec-bgp-security-00.txt

of interest ... sounds like (from the abstract) this is more along the lines of a BCP. -- Forwarded message -- From: internet-dra...@ietf.org Date: Fri, Jan 18, 2013 at 9:48 AM Subject: [OPSEC] I-D Action: draft-ietf-opsec-bgp-security-00.txt To: i-d-annou...@ietf.org Cc:

Re: [sidr] I-D ACTION:draft-ietf-sidr-cps-00.txt

Hey there SIDR folk, This draft seemed to expire, yesterday, oops! I think we need a CPS describing document, so I bet the authors will refresh this in time. That said: 1) does the current version need work still? Was the combination of the previous 2 documents:

Re: [sidr] the need for speed

On Wed, Dec 26, 2012 at 12:37 PM, Sriram, Kotikalapudi kotikalapudi.sri...@nist.gov wrote: However, I would note that the use case I've outlined above is more broad than 'just' DDoS attack. Specifically, think of natural or man-made disasters. In the latter case, it's often the case that a

Re: [sidr] the need for speed

On Wed, Dec 19, 2012 at 12:33 PM, Pradosh Mohapatra (pmohapat) pmoha...@cisco.com wrote: In these use cases, what breaks if we allow two ROAs to co-exist in the system (one authorizing the customer AS and one authorizing the proxy AS the system already permits multiple ROA's for the same

Re: [sidr] the need for speed

On Wed, Dec 19, 2012 at 1:54 PM, Pradosh Mohapatra (pmohapat) pmoha...@cisco.com wrote: No, thanks for clarifying. For DDoS mitigation at least, I thought there would be a prior business relationship. I am not familiar with on-the-fly relationship building process. for that case, and shane's

Re: [sidr] the need for speed

On Tue, Dec 18, 2012 at 4:24 PM, Dongting Yu dongting...@cl.cam.ac.uk wrote: [apologies if I am sending this multiple times, having trouble with replying] A concept that could be borrowed from DNS side is the ability for anyone to go from the top and skip the cache(s) on an ad hoc basis.

Re: [sidr] Scaling properties of caching in a globally deployed RPKI / BGPSEC system

On Fri, Dec 7, 2012 at 12:35 PM, Montgomery, Douglas do...@nist.gov wrote: suggesting/discussing loading a RIB from DNS queries. I was thought we were discussing information systems that might allow me to validate the origin of an router's RIB. That problem is O(500K) at time zero.

Re: [sidr] Scaling properties of caching in a globally deployed RPKI / BGPSEC system

On Fri, Dec 7, 2012 at 1:24 PM, Russ White ru...@riw.us wrote: You are twisting the fact when you are mixing hosted-rpiki and rpki-repositories as the same thing. (*note quoting russ's message, but not actually aiming at russ in particular) could we focus a bit of the conversation on

Re: [sidr] Reboot: questions regarding WG acceptance of draft-ymbk-rpki-grandparenting-02

clarifying question in your example... On Fri, Dec 7, 2012 at 12:32 PM, Brian Dickson brian.peter.dick...@gmail.com wrote: P.S. Here is a worked example to illustrate this concept: Suppose the initial state of affairs is as follows: 10.0.0.0/8 is delegated by IANA to RIR A. RIR A does not

  1   2   3   4   >