FWIW, my attribute escape document is up for adoption in IDR. I've previously brought presentations for this draft covering BGP security and protocol design practices to groups like bess and grow.
The goal is to try to capture any missing common scenarios for these intrinsic BGP security and operational considerations in a more obvious place and publish it for posterity and citation. If you find this work relevant, I'd appreciate your support for the IDR adoption, additions to the document, and hopefully publication in a reasonable timeframe. -- Jeff > Begin forwarded message: > > From: Job Snijders <[email protected]> > Subject: [Idr] Re: [Core] draft-haas-idr-bgp-attribute-escape-04 - WG > Adoption call (6/2 to 6/16/2026). > Date: June 4, 2026 at 14:32:01 EDT > To: Susan Hares <[email protected]> > Cc: "idr@ietf. org" <[email protected]> > > I support WG adoption of draft-haas-idr-bgp-attribute-escape-04 > > Kind regards, > > Job > > On Tue, Jun 02, 2026 at 11:19:21PM +0000, Susan Hares wrote: >> This begins a 2-week WG adoption call for >> draft-haas-idr-bgp-attribute-escape-04.txt (6/2/2026 to 6/16/2026). >> >> The author should respond to this email with an IPR statement. >> >> WG Members - please comment on this adoption, and in your comments mention >> "support or no support. >> >> A few things from the abstract may be helpful in your reading of this draft: >> >> 1) This is an informational draft. >> 2) The focus is "optional transitive attributes" for BGP that "escape" >> inadvertently beyond intended scope >> 3) Jeff Haas feels this will help writers of new drafts correctly use these >> optional transitive attributes. >> >> Cheerily, Sue Hares >> (Shepherd) >> >> ----------- >> >> Excerpts from Abstract text: >> >> A significant part of the success of [RFC4271] BGP is >> due to its ability to incrementally add new features to its Path >> Attributes when they are marked "optional transitive". >> Implementations that are ignorant of a feature for an unknown Path >> Attribute that are so marked will propagate BGP routes with such >> attributes. >> >> Unfortunately, this blind propagation of unknown Path Attributes may >> happen for features that are intended to be used in a limited scope. >> When such Path Attributes inadvertently are carried beyond that >> scope, it can lead to things such as unintended disclosure of >> sensitive information, or cause improper routing. In their worst >> cases, such propagation may be for malformed Path Attributes and lead >> to BGP session resets or crashes. >> >> This document calls such inadvertent propagation of BGP Path >> Attributes, "attribute escape". This document further describes some >> of the scenarios that leads to this behavior and makes >> recommendations on practices that may limit its impact. >> > >> _______________________________________________ >> Idr mailing list -- [email protected] >> To unsubscribe send an email to [email protected] > > _______________________________________________ > Idr mailing list -- [email protected] > To unsubscribe send an email to [email protected]
_______________________________________________ GROW mailing list -- [email protected] To unsubscribe send an email to [email protected]
