IETF
sidr
sidr@jabber.ietf.org
Friday, 10 February 2012
melkins has set the subject to: SIDR WG http://www.ietf.org/proceedings/79/agenda/sidr.html

GMT+0
[00:00:00] <brian.peter.dickson> Revocation of already-handled withdrawn routes, gets ignored trivially. The validation is only needed when matches are found (on signatures), deferring the cost of malicious sending of revocations...
[00:00:54] Stewart Bryant leaves the room
[00:03:50] <brian.peter.dickson> One class of DOS is beaconing just fast enough to cause a third party to fall over. If there is disparity in beacon rates that cause problems, across ASNs, pain levels differ.
[00:04:11] Stewart Bryant joins the room
[00:04:58] <brian.peter.dickson> (See "heat limits" between Japanese Honey Bees and Japanese Wasps -- the wasps invade and massacre the bees, but the last few bees swarm and vibrate so fast they overheat, killing the wasps. 119 degrees vs 120 degrees are the respective heat limits.)
[00:05:31] <brian.peter.dickson> Think third party - it is not neighbor-neighbor, it is neighbor-neighbor-neighbor.
[00:06:07] <brian.peter.dickson> It is a weakest link problem - causing ASNs to fall over, increases churn, until everyone suffers.
[00:09:17] dongtingyu leaves the room
[00:09:29] Sebastian Becker leaves the room
[00:10:36] Sebastian Becker joins the room
[00:11:35] <brian.peter.dickson> Yes - OOB - off-router. E.g. some other place, like DNS
[00:11:55] Sebastian Becker leaves the room
[00:12:29] Sebastian Becker joins the room
[00:13:30] lepinski leaves the room
[00:13:52] <brian.peter.dickson> The issue is CPU capabilities of routers -- old/poor vs commodity hardware servers
[00:14:08] <brian.peter.dickson> in-band is not bandwidth limited, it is CPU limited
[00:14:41] lepinski joins the room
[00:14:55] <wkumari@jabber.psg.com> Waiting for mic...
[00:14:58] <brian.peter.dickson> OOB takes advantage of better class of hardware for things like crypto, such as on-the-fly signing of data (DNSSEC signing at 10k/sec or higher)
[00:15:53] Sebastian Becker leaves the room
[00:16:50] Sebastian Becker joins the room
[00:17:19] <brian.peter.dickson> What do we call "someone didn't honor a withdrawal", which is analogous to replay, but does not involve replay?
[00:21:38] <brian.peter.dickson> Question on clarification - is beaconing ONLY meant to address the dual-problem of freshness and replay?
[00:22:22] <wkumari@jabber.psg.com> *I* believe so....
[00:22:25] <brian.peter.dickson> If another solution for those is adopted, would it be agreeable that beaconing be removed?
[00:23:33] <wkumari@jabber.psg.com> *I* think so — either another solution, or deciding we cannot / will not address the problem.
[00:25:11] Sebastian Becker leaves the room
[00:25:12] <brian.peter.dickson> Beaconing requires edge-to-edge propagation. Is there any guarantee on rate of signing by arbitrary signers in the middle? If not, this becomes a rat-hole vs time to reach the edge. Expire before reaches the edge. Results are bad.
[00:25:54] <brian.peter.dickson> Or, set the time so low, that the time for actual replay incidents is unbearable...
[00:26:04] <brian.peter.dickson> s/low/long/
[00:26:57] <brian.peter.dickson> BGP is stateful -- why are we doing stuff that flies in the face of it, with beaconing???
[00:27:57] <brian.peter.dickson> Rather than discussing when to beacon, we should be saying, if we are talking about beaconing, we should be looking at other solutions to the problem...
[00:27:59] <brian.peter.dickson> IMHO
[00:28:53] <brian.peter.dickson> remember - all the prefixes, crossing every AS_PATH hop, we COULD be talking days.
[00:29:32] <brian.peter.dickson> 500K x 10 hops x long signatures etc., big delay is possible.
[00:31:12] Sebastian Becker joins the room
[00:38:00] <Jason Schiller> thanks all… need to run off to a meeting
[00:38:31] weiler leaves the room
[00:38:42] <Sean Turner> we're in the process of closing down
[00:38:46] wkumari@jabber.psg.com leaves the room
[00:38:48] Sander Steffann leaves the room
[00:38:57] <Stewart Bryant> Thanks all, see you in Paris
[00:38:57] lepinski leaves the room
[00:39:04] chwhitey leaves the room
[00:39:05] <Sean Turner> ciao
[00:39:06] heather.skanks leaves the room
[00:39:07] <brian.peter.dickson> Thanks everyone, sorry to not be there...
[00:39:21] brian.peter.dickson leaves the room
[00:39:24] Sebastian Becker leaves the room
[00:39:25] <Sean Turner> by
[00:39:26] <Sean Turner> e
[00:39:29] Sean Turner leaves the room
[00:39:32] Randy Bush leaves the room
[00:40:09] Randy Bush joins the room
[00:40:52] Keyur Patel leaves the room
[00:46:02] Jason Schiller leaves the room
[00:46:19] Randy Bush leaves the room
[00:47:16] asonalker leaves the room
[00:50:18] sandy leaves the room
[01:04:06] smb leaves the room
[01:47:28] Kannan Varadhan leaves the room
[01:47:51] Kannan Varadhan joins the room
[01:48:20] Kannan Varadhan leaves the room
[01:49:35] Kannan Varadhan joins the room
[02:09:10] wkumari@jabber.psg.com joins the room
[02:17:14] Kannan Varadhan leaves the room
[02:45:19] Stewart Bryant leaves the room
[03:47:34] Randy Bush joins the room
[03:59:21] Randy Bush leaves the room
[05:53:11] wkumari@jabber.psg.com leaves the room
[06:28:01] Stewart Bryant joins the room
[09:29:10] Stewart Bryant leaves the room
[09:30:07] Stewart Bryant joins the room
[12:12:37] Stewart Bryant leaves the room
[15:31:02] wkumari@jabber.psg.com joins the room
[15:31:03] Kannan V leaves the room
[16:32:12] wkumari@jabber.psg.com leaves the room: Replaced by new connection
[16:32:12] wkumari@jabber.psg.com joins the room