Hi!
Yes, the text below works for me. And I would assume it works for Tero as well.
Thanks!!
Alvaro.
On 11/30/16, 11:20 AM, "John G. Scudder"
> wrote:
On Nov 30, 2016, at 9:18 AM, Randy Bush >
wrote:
section 4.5
At Wed, 30 Nov 2016 05:37:24 -0800,
Randy Bush wrote:
>
> >>> and stitching back together the tcp session... same effect.
> >>
> >> Not sure why you have to stitch back together the TCP session? I
> >> thought you were supposing the "attacker" was the edge node, it can
> >> just
> ideally you also backstop that with some protections (tcp-ao, of
> course!)
and cash will fall from the sky
___
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
On Nov 30, 2016, at 9:18 AM, Randy Bush wrote:
> section 4.5 of 4593 is relevant, or all of sec 4
Thanks, used in the text below.
> i am kinda sad that 7132 is not too good on this
I looked there first but it's a *path* security threat model so can't really be
blamed for not
And again, restarting... post meeting and post travel refocusing :)
On Wed, Oct 26, 2016 at 11:35 AM, Christopher Morrow <
morrowc.li...@gmail.com> wrote:
> Restarting this thread, with some updates :)
>
> Preparing for Seoul in a few weeks time, with the intent that we do not
> meet
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Secure Inter-Domain Routing of the IETF.
Title : BGP Prefix Origin Validation State Extended Community
Authors : Pradosh Mohapatra
Updated security section to reflect SecDir and AD review.
--John
> On Nov 30, 2016, at 12:32 PM, internet-dra...@ietf.org wrote:
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Secure Inter-Domain Routing of the IETF.
>>> and stitching back together the tcp session... same effect.
>>
>> Not sure why you have to stitch back together the TCP session? I
>> thought you were supposing the "attacker" was the edge node, it can
>> just apply an export policy towards the core.
>
> say the case is inside your network,
>> draft-ietf-sidr-bgpsec-ops
waiting to rev when iesg and whomever reviews are in. if someone wants
an earlier push, shout.
>> draft-ietf-sidr-lta-use-cases
i thought this was post last call
>> draft-ietf-sidr-rtr-keying
i thought this was done
randy
Chris,
I would like to take this thread to request for comments on how to move on
SLURM.
During the Seoul meeting, Tim suggested moving it to SIDROPS since SIDR is
being closed.
Yet I had the impression that the AD hopes keeping the list/structure going
until current work items are done.
> I guess I will wait for Alvaro to answer, but so far I'm not seeing
> the need for anything more than a couple lines that remind the reader
> of the basic (in)security properties of BGP, maybe an RFC 4272
> reference.
section 4.5 of 4593 is relevant, or all of sec 4
i am kinda sad that 7132 is
On Nov 30, 2016, at 8:37 AM, Randy Bush wrote:
> the point is the tcp 'stream' does not have to be hacked in any way.
> the hack is at a layer above.
I agree. I also agree with your earlier
On Nov 29, 2016, at 8:40 PM, Randy Bush wrote:
> none of this is new.
I
12 matches
Mail list logo