sidr - Monday, April 4, 2016

sidr

sidr@jabber.ietf.org

Monday, April 4, 2016< ^ >

rhansen has set the subject to: SIDR (Secure Inter-Domain Routing)

Room Configuration

Room Occupants

GMT+0
[15:55:13] Meetecho joins the room
[16:34:28] jayb joins the room
[16:54:12] weiler joins the room
[16:56:25] Samuel Weiler joins the room
[16:57:19] Coordination Center joins the room
[16:59:59] George Mundy joins the room
[17:01:34] Wes George joins the room
[17:02:46] S K joins the room
[17:03:38] Daniel joins the room
[17:04:39] Jared Mauch joins the room
[17:04:46] <Jared Mauch> SIDR WG is starting
[17:04:50] <Jared Mauch> WG Draft Slide is showing
[17:05:11] Demi Lee joins the room
[17:05:16] <Jared Mauch> https://tools.ietf.org/wg/sidr/agenda
[17:05:23] Juan P. Cerezo joins the room
[17:06:27] aretana joins the room
[17:06:42] Michael Baer joins the room
[17:07:04] russmundy@jabber.org joins the room
[17:07:31] mikemlb joins the room
[17:07:33] Demi Lee leaves the room
[17:07:49] <Jared Mauch> WG Draft summary is showing
[17:10:12] Michael Baer leaves the room
[17:10:15] Demi Lee joins the room
[17:10:25] <Jared Mauch> SIDR Delta protocol 02 presentation showing
[17:13:14] <Jared Mauch> slide #5 showing
[17:13:49] Daniele Iamartino joins the room
[17:15:28] christopher.morrow joins the room
[17:16:27] Doug Montgomery joins the room
[17:24:13] <Jared Mauch> Jeff Haas at the mic
[17:24:47] <Jared Mauch> jhaas: Deltas vs Snapshots have value in seeing histories
[17:25:15] <Jared Mauch> jhaas: i would not let size of snapshots be an issue
[17:25:19] <Jared Mauch> Chris Morrow @ MIC
[17:25:30] <Jared Mauch> morrowc: why would i do one vs the other?
[17:26:08] Bharti Chauhan joins the room
[17:27:43] <Jared Mauch> ??: at the mic
[17:28:13] <jayb> (sounds like Tim Bruijnzeels)
[17:28:40] <Jared Mauch> ?? (tim?) : not sure that we should do it with this protocol, looking at a time of 8 hours, you could have to wait longer for a resync
[17:29:25] <Jared Mauch> ruediger volk: at the mic
[17:29:37] <Jared Mauch> rv: are you concerned about network transfer volume
[17:29:57] <Jared Mauch> rv; this is in the noise still
[17:30:06] <Jared Mauch> randy bush: at the mic
[17:30:37] <Jared Mauch> randy bush: we have two knobs for dealing with connectivity issues, the first is this.  the second is the relying party software willingness to use older data.
[17:31:07] <Jared Mauch> randy: we found the second to be very easy.  currently RSYNC has a narrower window than this.  This has 8, RSYNC is 1h
[17:32:20] <Jared Mauch> randy: not predictable and decays over time, i don't think you want to go down this path
[17:33:05] <Jared Mauch> oleg: how long should we keep data?
[17:33:15] Pulkit Manocha joins the room
[17:33:20] <Jared Mauch> oleg: we are keeping files for 1 hour
[17:34:20] <Jared Mauch> slide #14
[17:34:44] Daniel leaves the room
[17:35:42] Doug Montgomery leaves the room
[17:37:08] Daniel joins the room
[17:37:37] <Jared Mauch> tim: to clarify a bit more on this
[17:38:22] <Jared Mauch> tim: purpose of manifests was to prevent replay or other attack, but the price is a lot of nodes
[17:40:01] Aman Sharma joins the room
[17:40:03] <Jared Mauch> tim: if we can use https, we can reduce by several orders of magnitude
[17:41:49] Aman Sharma leaves the room
[17:44:05] Doug Montgomery joins the room
[17:44:14] Pulkit Manocha leaves the room
[17:44:30] <Jared Mauch> randy: you want to deploy a secure version of TLS
[17:45:55] <Jared Mauch> morrowc: the size right now doesn't seem to be that important
[17:46:15] <Jared Mauch> morrowc: the key change you state here is to have the manifest to change less frequently
[17:48:06] Doug Montgomery leaves the room
[17:48:19] <Jared Mauch> morrowc: i would expect roa/certs to be a small percentage of the table.  are you asking what the default of regen of manifest?
[17:48:52] Doug Montgomery joins the room
[17:50:01] Adeola Alain Patrick AINA joins the room
[17:50:15] <Jared Mauch> rv: to optimize this, one must anaylize the exact reasons for defining a maximum lifetime of a manifest.  manifest needs to change when any object changes.  the quick refreshing of manifests is naieve implementation of keeping it fresh.
[17:50:43] <Jared Mauch> rv: the manifest is there to deal with potential inconsistencies when using RSYNC
[17:50:51] Doug Montgomery leaves the room
[17:51:36] <Jared Mauch> tim: we interpreted we should have short lived manifests to guard against MITM/replays
[17:51:58] Daniele Iamartino leaves the room
[17:52:24] Bharti Chauhan leaves the room
[17:52:51] Doug Montgomery joins the room
[17:54:31] NIKHIL SINGH joins the room
[17:55:14] Adeola Alain Patrick AINA leaves the room
[17:55:45] <Jared Mauch> validation reconsidered-03
[17:56:18] Alain AINA joins the room
[17:56:26] Aastha Gupta joins the room
[17:57:29] Aastha Gupta leaves the room
[17:58:55] Gregorio Manzano joins the room
[18:00:44] Gregorio Manzano leaves the room
[18:03:35] NIKHIL SINGH leaves the room
[18:04:36] <Jared Mauch> randy bush: to repeat, i'm not against this proposal.  i will note there are almost no grandchildren exist.  we are not seeing the problem yet
[18:04:59] <Jared Mauch> randy bush: we have had some real problems discussing these issues, and we are not addressing them.
[18:05:16] Doug Montgomery leaves the room
[18:05:39] <Jared Mauch> russ housley: how does this impact validation in 3779
[18:08:02] <Jared Mauch> doug montgomery: if 192.168 is part of the ROA, is the roa treated atomicly?
[18:09:35] Doug Montgomery joins the room
[18:10:14] Dale Worley joins the room
[18:11:42] Bharti Chauhan joins the room
[18:11:54] <Jared Mauch> sandy: we may need to review existing RFCs to ensure text is all properly aligned
[18:13:48] <Jared Mauch> trust anchor applicability statement
[18:13:57] <Jared Mauch> now presenting - andy newton
[18:16:01] Dale Worley leaves the room
[18:16:05] Daniel leaves the room
[18:17:25] <Jared Mauch> ruediger volk: (dt) are you talking about access to trust anchors, or the content and semantics of the certificates
[18:17:27] <Jared Mauch> andy: the trust anchors
[18:20:05] <Jared Mauch> tim: i think the document says i trust the RIRs to overclaim each others space, but you should see no overlaps
[18:22:50] <Jared Mauch> randy bush: another spin on what rueddiger is saying, i need an algorithmic way to determine what you are saying.  others may wonder why are are talking trust anchors in plural
[18:22:57] Daniel joins the room
[18:25:00] <Jared Mauch> morrowc: in a case of a single root, where iana, there would need to be double accounting for make before break to work.
[18:27:59] Jared Mauch leaves the room
[18:28:17] Samuel Weiler leaves the room
[18:28:18] Doug Montgomery leaves the room
[18:28:25] Daniel leaves the room
[18:28:26] aretana leaves the room
[18:28:39] russmundy@jabber.org leaves the room
[18:29:07] Meetecho leaves the room
[18:29:25] George Mundy leaves the room
[18:29:45] Coordination Center leaves the room
[18:29:46] Demi Lee leaves the room
[18:29:47] Alain AINA leaves the room
[18:29:47] Bharti Chauhan leaves the room
[18:29:57] jayb leaves the room
[18:30:26] S K leaves the room
[18:31:46] russmundy@jabber.org joins the room
[18:33:01] russmundy@jabber.org joins the room
[18:33:08] russmundy@jabber.org leaves the room
[18:36:08] Wes George leaves the room
[18:54:29] Daniel joins the room
[18:56:46] Doug Montgomery joins the room
[18:57:11] aretana joins the room
[19:05:38] christopher.morrow leaves the room
[19:08:39] aretana leaves the room
[19:24:43] Doug Montgomery leaves the room
[19:27:20] Daniel leaves the room
[19:27:59] Daniel joins the room
[19:30:53] Doug Montgomery joins the room
[19:43:08] russmundy@jabber.org leaves the room
[19:54:20] Daniel leaves the room
[19:57:37] aretana joins the room
[20:11:54] aretana leaves the room
[20:21:40] Doug Montgomery leaves the room
[20:23:19] Juan P. Cerezo leaves the room
[20:55:32] weiler leaves the room
[21:16:39] Doug Montgomery joins the room
[21:23:55] Doug Montgomery leaves the room
[21:29:13] Doug Montgomery joins the room
[21:29:46] aretana joins the room
[21:37:41] Doug Montgomery joins the room
[21:38:45] Doug Montgomery leaves the room
[21:54:08] Doug Montgomery leaves the room
[22:03:18] Doug Montgomery joins the room
[22:09:09] Doug Montgomery leaves the room
[22:09:12] Doug Montgomery joins the room
[22:19:35] Doug Montgomery leaves the room
[22:26:39] Doug Montgomery joins the room
[22:30:56] Doug Montgomery leaves the room
[22:37:56] Doug Montgomery joins the room
[22:39:07] Doug Montgomery leaves the room
[22:40:11] Doug Montgomery joins the room
[22:42:08] Doug Montgomery leaves the room
[22:44:44] Doug Montgomery joins the room
[22:56:45] Doug Montgomery leaves the room
[23:08:42] Doug Montgomery joins the room
[23:10:08] Doug Montgomery leaves the room
[23:12:33] Doug Montgomery joins the room
[23:15:11] mikemlb leaves the room
[23:27:05] Doug Montgomery leaves the room
[23:28:52] Doug Montgomery joins the room
[23:35:42] Doug Montgomery leaves the room

Powered by ejabberd - robust, scalable and extensible XMPP server