Hi Sam,
On 24/10/09 4:58 AM, "Samuel Weiler" <wei...@watson.org> wrote:
> On Mon, 15 Jun 2009, Terry Manderson wrote:
>
>
>
> For the RPKI, sections 3 and 5 are useful. I have basically ignored
> section 4.
>
> On to the specifics:
>
> Observation: Most of the Section 3 cases speak about which routes one
> wishes to have accepted (or chosen) and make no explicit statement
> about which routes one wants to have rejected. I think it would be
> useful to include such statements, perhaps as "attack" case. This may
> result in an effectively two-dimensional table of cases.
>
That will be covered in -02, Just waiting on convergence with my co-authors.
I expect to upload before the deadline.
> I believe the "partial deployment use cases" of section 5 are critical
> to the success of the RPKI, and I think the set of cases here is too
> limited. For instance, a variation on 5.1 ("parent does not do RPKI")
> is "other upstream(s) don't do RPKI". Perhaps we could generate these
> by going through the section 3 cases and, for each one, add the
> permutations of which parties do and don't support the RPKI. Sadly,
> when combined with the above, that could give us a three dimensional
> space to work in, but most of the section 3 cases involve only one
> party, so the problem should be tractable.
yes.. there is some expansion needed and I don't think _all of it_ will make
it to -02. If you take a look at the origin maps at
http://stats.research.icann.org/bgp/ and then arbitrarily pick a start point
(AS) for RPKI deployment - the permutations swings wildly on what outcome
you might allow for route validity..
For example do you want 8.6.241.0/24 to be a valid route table entry if
AS3356 only creates a ROA for 8.0.0.0/8? (refer to the origin map) in
partial deployment?
So I have been purposefully parsimonious in -02 in that section.
>
> Perhaps some of this expansion could be rolled into the next revision.
>
Cheers
Terry
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
