Karen/Steve, Sorry for getting back to this late.
Andy is right on the money: the text validation-reconsidered has possible 'things that can go wrong' could be removed but the main idea, as Andy says, is to engineer robustness into the system in a way that the system will be more resilient in the face of unexpected events that we might have or have not thought about. Now, if you are proposing that we could have a single document enumerating threats and 'other things that could go wrong', I thing I could agree with that on the understanding that we agree to clearly separate threats from remediation proposals. This means probably removing some text from Steve's draft as well. regards, -Carlos On 11/12/15 11:43 AM, Andy Newton wrote: > >> On Nov 5, 2015, at 3:53 PM, Karen Seo <[email protected]> wrote: >> >> Folks, >> >> I think the authors have brought up some pertinent issues which have helped >> inspire other work which subsumes them. So I thank them but agree that it >> seems appropriate to drop this draft since those issues are now being >> covered in other documents and those documents have additional detail. >> Randy's I-D discusses INR transfers. Steve's draft on adverse action >> provides a detailed analysis of the "operational fragility" of the RPKI in >> the face of attacks and errors. So, if the adverse actions draft is adopted >> by the WG, we (the WG) could use the requirements stemming from these two >> IDs as the basis for a solution(s) document. Just personal preference, but >> I also find having one document per topic/issue (at least when they're as >> complex as is the case with the threat analysis) easier to follow and would >> also like to separate defining of issues and their requirements from >> describing the solution. > > If I’m reading your argument correctly, you’re saying that > validation-reconsidered is not necessary because Kent’s adverse actions draft > provides a solution. > > Except that it doesn’t. Validation reconsidered stops the harm before it > happens, where as the adverse actions draft says two things: 1) monitor and > fix the harm after it has happened, and 2) RPs should be smarter. Setting > aside the hand-waving and lack of a concrete solution, these are not > comparable proposals. > > -andy > _______________________________________________ > sidr mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/sidr > _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
