Jeff, On 28/03/12 6:19 PM, "Jeffrey Haas" <jh...@pfrc.org> wrote:
> Per my mic comment at IETF 83: > During the San Diego interim session we had discussed potentially signaling > in BGP the idea that a given AS may have fresher data available in its > repository. > > My original thought had been something along the lines of a new AFI/SAFI > that contains this data. Matt L., in discussing this point at the mic with > me, suggested something that has resemblence to the serial number field in > DNS. For example, this field could go into the "reserved" field that a > route originator puts into the signature. If the serial number increases, > this could suggest that fresher information is present in that originator's > repository. I think this is interesting. I think I would further like an assessment/disussion of this "serial number" being consistent between the BGP information, the RPKI repository, and this through the validated cache and presented to the router via rpki-rtr. It may well present far too many error situations by doing that, but may also provide a brilliant statement of a consistent view matching origination intent in a time and space perspective. 0.02c > > Discussion around this mechanism: > - If this is part of a given route's signature block, the issue is that a > given origin may be seen with a number of serial numbers depending on > propagation of BGP routes. > - Such a serial number is important not only for the originator of a route, > but also all parties participating in the signature. > This particular details suggests to me that such signaling probably should > be separate from the signatures. > - By being part of the signature, we get some level of freshness in things > in a route-by-route basis and less likely that a completely separate > "route" that is repository freshness is dropped. >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
