Re: [sidr] AD Review of sidr-origin-validation-signaling-09
> C1. The reference to rfc7607 should be Informative. > > C2. [Major] Security Considerations. I think that there is one > consideration that should be mentioned in this section: Given that the > largest value is preferred (2 = invalid), there is an attack vector > where a router in the path (yes, even an internal router) can inject a > community indicating that the route is invalid; the communities are > not protected. This action could result in inconsistent routing or in > even a DoS. I know the document is not explicit about what to do with > the validation state (which is ok), but the clear intention (from > rfc6811 and rfc7115) is that it will be used to make routing > decisions. Please add some text about this potential issue. would you prefer a revision soon, or wait for other iesg comments? randhy ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
[sidr] AD Review of sidr-origin-validation-signaling-09
Dear authors: Hi! I have a couple of comments about this document (below). I am going to start the IETF Last Call, and schedule it in the next IESG Telechat, with the expectation that my comments will be addressed before then. Thanks! Alvaro. C1. The reference to rfc7607 should be Informative. C2. [Major] Security Considerations. I think that there is one consideration that should be mentioned in this section: Given that the largest value is preferred (2 = invalid), there is an attack vector where a router in the path (yes, even an internal router) can inject a community indicating that the route is invalid; the communities are not protected. This action could result in inconsistent routing or in even a DoS. I know the document is not explicit about what to do with the validation state (which is ok), but the clear intention (from rfc6811 and rfc7115) is that it will be used to make routing decisions. Please add some text about this potential issue. ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
[sidr] Meeting Slides
howdy sidr folks, as oer usual meeting-prep, our meeting is Thursday, if you are presenting I expect to have your slides by no later than wed evening 9pm (2100 local)... in PDF format. If you send 'not pdf' format, i'll convert them ... that is guaranteed to not end well for you :) it behooves you to send pdf. thanks! and see you at the meeting :) -chris ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr