I should have noted in my follow-up email: "I'm not expressing an opinion about the document, but here are a few suggestions/questions" Sorry for not being clear about that.
On Mon, May 12, 2014 at 5:42 PM, George, Wes <[email protected]> wrote: > I see a thread dated 2013 Nov in GROW, in which substantive discussion and > comments were provided after -03 was published, in which the authors > mainly just expressed why they were frustrated with SIDR and the IETF in > general for in their minds, ignoring this problem because it was hard, > rather than addressing the concerns raised within the WG. -04 is a > keepalive to reset the expiration date with no substantive updates. Why > are we now talking about WGLC? > Chris, you were one of the ones who said that your comments hadn’t been > addressed yet. yup, and there was some discussion which petered out after a while. Regarding my questions/comments/suggestions to the previous (or original even) version of the document, I don't recall hearing back about those, i figured that either I was in the weeds (I didn't think so) or someone else decided that my suggestions/comments didn't quite fit into the document. that's sort of a shame, but if i'm in the weeds: "ok". > (https://mailarchive.ietf.org/arch/msg/grow/0ho_RU3e15TCvp4p8ScCeObk42Y) > > Substantive comments: > This document provides one example of a route leak causing a problem that > BGPSec does not protect against, but still does not do much to provide > guidance on how such a leak would be systematically identified, It does > note that there are data supporting the assertion that this is a real > problem, and imply that perhaps additional analysis of that data would > reveal more information. I don’t think that anyone would dispute that this > is a valid attack. However: > "This document is meant to provide input into routing protocol design > choices being > considered within the IETF, and to foster discussion of the practical > implications of "policy" and "intent" in operational routing system > security." > > This document provides no actionable guidance beyond articulating the > basics of the attack, certainly no meaningful discussion of policy vs > intent other than to note that discerning intent is difficult, and as such possibly the authors are aiming at just defining what a leak is (one example type) so discussions can progress beyond 'what is a route leak again? can you point me at an RFC/definition of same?' I think this was part of the impetus for the document, or that's what I recall. > the draft is absolutely not ready for publication if the above is its > goal. We’re not hiding behind SIDR’s carefully crafted requirements and > charter here, so let’s actually have the discussion about policy and > intent and see if we can come to some consensus on how to use that info to > define a route leak such that we can first systematically find, and then > protect against it. I absolutely want to see a solution to this problem, > but one example/existence proof isn’t enough to get us moving in that > direction. > > Thanks, > > Wes > > > > On 5/12/14, 9:59 AM, "Christopher Morrow" <[email protected]> > wrote: > >>Working Group Folks: >> >>The authors of draft-ietf-grow-simple-leak-attack-bgpsec-no-help would >>like to bring the draft to WGLC, this is that LC. Please have a read >>through: >> >> >><https://datatracker.ietf.org/doc/draft-ietf-grow-simple-leak-attack-bgpse >>c-no-help/?include_text=1> >> >>Who's abstract is: >> "This document describes a very simple attack vector that illustrates >> how RPKI-enabled BGPSEC machinery as currently defined can be easily >> circumvented in order to launch a Man In The Middle (MITM) attack via >> BGP. It is meant to serve as input to the IETF's Global Routing >> Operations Working group (GROW) during routing security requirements >> discussions and subsequent specification." >> >>and raise questions/comments/suggestions/eggs on this list. >> >>I expect this WGLC to last for the normal 2wk period ending: >> 26-May-2014 >> >>-chris >>grow-co-chair >> >>_______________________________________________ >>GROW mailing list >>[email protected] >>https://www.ietf.org/mailman/listinfo/grow > > > This E-mail and any of its attachments may contain Time Warner Cable > proprietary information, which is privileged, confidential, or subject to > copyright belonging to Time Warner Cable. This E-mail is intended solely for > the use of the individual or entity to which it is addressed. If you are not > the intended recipient of this E-mail, you are hereby notified that any > dissemination, distribution, copying, or action taken in relation to the > contents of and attachments to this E-mail is strictly prohibited and may be > unlawful. If you have received this E-mail in error, please notify the sender > immediately and permanently delete the original and any copy of this E-mail > and any printout. _______________________________________________ GROW mailing list [email protected] https://www.ietf.org/mailman/listinfo/grow
