On Wed, Mar 21, 2012 at 10:52 AM, Russ White <[email protected]> wrote:
>
>> no, you never sent anything of this route to E so E never had anything
>> to pass along to C and then to D ... knowledge of this path is not
>> there, in both the SIDR and non-SIDR cases. All D knows in both SIDR
>> and non-SIDR cases is: "Look at that, a path through C to B to A,
>> joy!"
>
> If E makes up a route and sends it to D, how does D know which route to
> choose?

you are changing your scenario now, fine.

In the non-SIDR case... 'as path length wins' (presuming same prefix
size). (also presuming that C does not filter E's routes...)

In the SIDR case, if E forges the origin AND E -> C (or E->B) is a
'secured' path then origin validation may fail. prefix-filtering could
still kick-in, path validation may also fail.

Of course, if any of the parts B/C/D accept 'invalid' or 'unknown' (or
not-signed) then the SIDR version also gets messy to follow/predict.

In either case, the extra information passed along for SIDR-version is
just metric-like data to be used at the next hop, or ignored.

>
> Without SIDR --pick up the phone, look at contracts, etc.
> With SIDR --look at the signature.

sure.

> Clearly you've included information that didn't exist before, and that
> information is in the form of a policy.

nope, it's bits that you can choose to use or not.

>> where is this information? about 'advertising' ? there's no concept in
>> SIDR of 'you advertise to ..' or 'you are supposed to advertise to X'.
>
> Because you've attempted to define it out of existence --but that
> doesn't make it any less real in actual implementations or deployments.

no, there is no concept (in the sidr world) of publishing 'who you
should advertise to' or 'what you should advertise to whom'.

> You're playing games with hermeneutics here --"That signature isn't
> about policy, even I've insisted that it be per prefix, and I mean for
> you to use it to tell you whether or not someone intended to send a
> route to someone else (and not whether or not such a path exists). But

I really don't think I've said anything about 'intended'. I certainly
did not say anything about 'intended to send to someone else'.

> because I'm only trying to prove the positive, and not the negative, I'm
> not talking about policy."
>
> Not being a postmodernist, I still think words actually mean something
> --they actually correlate to some reality--, and they should mean the
> same thing from the beginning of the conversation to the end of it.

yes

>> Now I think i'm not the confused one...
>
> We're starting from different presuppositions. You're assuming per
> prefix policy isn't really policy (because you're not signing something
> saying not to advertise x), and doesn't need to be dealt with as policy.
>
> I'm stating that failure to advertise is a policy decision, and hence
> when you go about _proving_ someone didn't intend to advertise
> something, then you're still making a statement of policy. If you're
> going to deal with policy at all, then deal with policy in total, as
> policy, in the open, rather than sneaking it in through the back door.

I'm really not trying to sneak anything. we seem to be at an impasse.

-chris
