Clarifications to BGP Origin Validation Based on Resource Public Key Infrastructure (RPKI)
RFC 8481
Yes
No Objection
Note: This ballot was opened for revision 03 and is now closed.
Alvaro Retana Yes
Thanks for the clarifications!! I have just a couple of comments: (1) §3: "...the router SHOULD use the AS of the router's BGP configuration". If not ambiguous, when would it be ok to not use the ASN from the local configuration? IOW, why SHOULD and not MUST? (2) §1: s/the origin validation state of the is set to as NotFound/the origin validation state is set to NotFound (3) [nit] The language in the Introduction is very tentative for a Standards Track document. For example: "This document attempts to clarify...The implementation issues seem not to be about how to validate...The issues seem to be ..." Either this document clarifies or it doesn't; IOW, this is not an attempt at clarification. Also, I'm sure the issues are known.
Warren Kumari Yes
(Ignas Bagdonas; former steering group member) Yes
What is the implementation and interoperability status of this? Is there any running code?
(Adam Roach; former steering group member) No Objection
Thanks for your work on this. I have only minor typographical nits to suggest changes for; these don't warrant a new version of the document (as I'm sure they'll be caught in RFC Editor review), but should probably be corrected if a new version of the document is produced prior to advancing it: --------------------------------------------------------------------------- Abstract: > document is meant to clarify possible misunderstandings causing those > mis-implementations; and thus updates RFC6811 by clarifying that all Nit: "...RFC 6811..." --------------------------------------------------------------------------- §1: > Deployment of RPKI-based BGP origin validation is hampered by, among > other things, vendor mis-implementations in two critical areas, which Nit: "...areas: which..." --------------------------------------------------------------------------- §3: > neighbors about propagation of Invalid routes. For this reason, > [RFC6811] says Nit: "...says:"
(Alexey Melnikov; former steering group member) No Objection
(Alissa Cooper; former steering group member) No Objection
(Ben Campbell; former steering group member) No Objection
Benjamin beat me to the comment about the RFC 8174 boilerplate.
(Benjamin Kaduk; former steering group member) No Objection
I was surprised to see an 8174 reference but the 8174 boilerplate text not used.
(Deborah Brungard; former steering group member) No Objection
(Eric Rescorla; former steering group member) No Objection
(Martin Vigoureux; former steering group member) No Objection
Thank you for this work. I only have an editorial comment: Isn't the word 'Route' missing between 'the' and 'is': When a route is distributed into BGP, the origin validation state of the is set to as NotFound, Valid, or Invalid per [RFC6811].
(Mirja Kühlewind; former steering group member) No Objection
(Suresh Krishnan; former steering group member) No Objection
(Terry Manderson; former steering group member) No Objection