From: Matthew Lepinski <[email protected]<mailto:[email protected]>> Date: Friday, July 24, 2015 at 1:31 AM To: "George, Wes" <[email protected]<mailto:[email protected]>> Cc: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Re: [sidr] New Version: draft-ietf-sidr-bgpsec-protocol-12
That being said, I agree with you that from the point of view of a denial-of-service prevention, that we should be recommending that implementations "Skip out" after a failed signature verification. When I read the text in "Step III" on page 29 within Section 5.2, I interpret that text as indicating that implementations should skip the remaining signatures once they get a failed signature verification. If you interpret that text differently, please let me know, but in my reading of the document, I understand the 5.2 algorithm as saying implementations should "skip out" when a signature is bad. WG] I agree with your interpretation. As Randy pointed out, this is probably a case of misinterpretation due to the fact that I'm not the target audience (implementers) and thus I missed something that would have been obvious to your target audience. Thanks Wes ________________________________ This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
