> From: Randy Bush [mailto:[email protected]]
> Sent: Saturday, November 12, 2011 5:45 AM
> To: George, Wes
> Cc: sidr wg list
> Subject: Re: various
>
> > "However, signed updates received from BGPSec speakers outside of the
> > confederation (i.e. those transiting the confederation ASes) MUST be
> > passed to the other Member-ASes BGPSec speakers intact.
>
> nope. you could decide to strip toward one or more confed peers which
> are not bgpsec capable. your routers, your decision, your policy.
> don't go there.

[WEG] there's no deciding. If the peers are not BGPSec capable, you're already required to strip towards that peer, no exception was made for confed peers. The only available policy decision is whether or not you want the info carried across the confed to other BGPSec capable peers, so maybe make it a SHOULD so that it's configurable, but I think it's incomplete as is.

> imiho, saying anything more is either adding unnecessary words at best
> or opening up large complexity holes at worst.

[WEG] yes, there's a fine line, but as I've said before, an operational considerations document is where some of these details and their associated primrose paths have to be discussed, because you get into the shades of gray world of operationalizing this stuff. We're not always going to be able to consult you for a ruling on all of the things that you didn't say, and the IETF has no Supreme Court to interpret the "founders" intentions for those left behind.

> > I figured it'd be clear from the above discussion
>
> and yet you want me to go into unnecessary complications not
> directly needed given my brutally specific statement? :)

[WEG] Your brutally specific statement is so specific that it does not mention the second case at all, because it's not about confeds. :-) Do you or do you not agree that on the transition between private ASN and public, if remove-private is configured, any signatures containing private ASN must be removed even if the eBGP peer is BGPSec capable?

Wes
