From: Matthew Lepinski <mlepinski.i...@gmail.com<mailto:mlepinski.i...@gmail.com>> Date: Friday, July 24, 2015 at 1:31 AM To: "George, Wes" <wesley.geo...@twcable.com<mailto:wesley.geo...@twcable.com>> Cc: "sidr@ietf.org<mailto:sidr@ietf.org>" <sidr@ietf.org<mailto:sidr@ietf.org>> Subject: Re: [sidr] New Version: draft-ietf-sidr-bgpsec-protocol-12
That being said, I agree with you that from the point of view of a denial-of-service prevention, that we should be recommending that implementations "Skip out" after a failed signature verification. When I read the text in "Step III" on page 29 within Section 5.2, I interpret that text as indicating that implementations should skip the remaining signatures once they get a failed signature verification. If you interpret that text differently, please let me know, but in my reading of the document, I understand the 5.2 algorithm as saying implementations should "skip out" when a signature is bad. WG] I agree with your interpretation. As Randy pointed out, this is probably a case of misinterpretation due to the fact that I'm not the target audience (implementers) and thus I missed something that would have been obvious to your target audience. Thanks Wes ________________________________ This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
_______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
