Clarifications to BGP Origin Validation Based on Resource Public Key Infrastructure (RPKI)
RFC 8481

Note: This ballot was opened for revision 03 and is now closed.

Ignas Bagdonas Yes

Comment (2018-08-16 for -04)
No email
send info
What is the implementation and interoperability status of this? Is there any running code?

Warren Kumari Yes

Alvaro Retana Yes

Comment (2018-08-13 for -04)
No email
send info
Thanks for the clarifications!!   I have just a couple of comments:

(1) §3: "...the router SHOULD use the AS of the router's BGP configuration".  If not ambiguous, when would it be ok to not use the ASN from the local configuration?  IOW, why SHOULD and not MUST?

(2) §1: s/the origin validation state of the is set to as NotFound/the origin validation state is set to NotFound

(3) [nit] The language in the Introduction is very tentative for a Standards Track document.  For example: "This document attempts to clarify...The implementation issues seem not to be about how to validate...The issues seem to be ..."  Either this document clarifies or it doesn't; IOW, this is not an attempt at clarification.  Also, I'm sure the issues are known.

Deborah Brungard No Objection

(Ben Campbell) No Objection

Comment (2018-08-15 for -04)
No email
send info
Benjamin beat me to the comment about the RFC 8174 boilerplate.

Alissa Cooper No Objection

Benjamin Kaduk No Objection

Comment (2018-08-13 for -04)
No email
send info
I was surprised to see an 8174 reference but the 8174 boilerplate text not used.

Suresh Krishnan No Objection

Mirja Kühlewind No Objection

(Terry Manderson) No Objection

Alexey Melnikov No Objection

(Eric Rescorla) No Objection

Adam Roach No Objection

Comment (2018-08-13 for -04)
No email
send info
Thanks for your work on this. I have only minor typographical nits to suggest changes for; these don't warrant a new version of the document (as I'm sure they'll be caught in RFC Editor review), but should probably be corrected if a new version of the document is produced prior to advancing it:

---------------------------------------------------------------------------

Abstract:

>  document is meant to clarify possible misunderstandings causing those
>  mis-implementations; and thus updates RFC6811 by clarifying that all

Nit: "...RFC 6811..."

---------------------------------------------------------------------------

§1:

>  Deployment of RPKI-based BGP origin validation is hampered by, among
>  other things, vendor mis-implementations in two critical areas, which

Nit: "...areas: which..."

---------------------------------------------------------------------------

§3:

>  neighbors about propagation of Invalid routes.  For this reason,
>  [RFC6811] says

Nit: "...says:"

Martin Vigoureux No Objection

Comment (2018-08-16 for -04)
No email
send info
Thank you for this work.
I only have an editorial comment:
Isn't the word 'Route' missing between 'the' and 'is':
   When a route is distributed into BGP, the origin validation state of
   the is set to as NotFound, Valid, or Invalid per [RFC6811].