[{"author": "Job Snijders", "text": "<p>Minutes here <a href=\"https://notes.ietf.org/notes-ietf-118-sidrops\">https://notes.ietf.org/notes-ietf-118-sidrops</a></p>", "time": "2023-11-10T14:34:00Z"}, {"author": "Chris Morrow", "text": "<p>1) aspa through successful lastcall<br>\n2) fix up 8210 to accommodate that<br>\n3) put 8210 through lastcall</p>", "time": "2023-11-10T14:34:54Z"}, {"author": "Jeffrey Haas", "text": "<p>I disagree with job about not permitting prefix length variations</p>", "time": "2023-11-10T14:57:06Z"}, {"author": "Jeffrey Haas", "text": "<p>Efficiency for rib reevaluation from rpki rtr is one of the reasons to permit other than exact length records in the database</p>", "time": "2023-11-10T15:04:31Z"}, {"author": "Doug Montgomery", "text": "<p>We have that terminology problem through out the history of SIDR.  We needed correction RFCs to explain \"drop, reject, etc\" was really keep and mark as ineligible for selection as best path.</p>", "time": "2023-11-10T15:04:52Z"}, {"author": "Doug Montgomery", "text": "<p>Will SLURM need to be updated for prefix lists?</p>", "time": "2023-11-10T15:06:14Z"}, {"author": "Jeffrey Haas", "text": "<p>Use bgp normative terms. Ask idr for help with a lexicon if needed</p>", "time": "2023-11-10T15:06:19Z"}, {"author": "Doug Montgomery", "text": "<p>\"ineligible\" RFC4271 section 9.1.1</p>", "time": "2023-11-10T15:08:33Z"}, {"author": "Job Snijders", "text": "<p><span class=\"user-mention\" data-user-id=\"422\">@Jeffrey Haas</span> how we encode in ASN.1 on the wire, and how the RTR PDU is constructed &amp; packed is separate things.</p>", "time": "2023-11-10T15:20:41Z"}, {"author": "Jeffrey Haas", "text": "<p>But strongly related. </p>\n<p>The audio stream is unlistenable from my current location. I\u2019ll have to respond you session discussion in more detail when I can review it later.</p>", "time": "2023-11-10T15:22:53Z"}, {"author": "Ties de Kock", "text": "<p>We have seen users create ROAs for a very dense set of /48's within a /32. Making a _sparse_ set of prefixes explicit is OK, making a _dense_ set of prefixes explicit in a ROA is less elegant.</p>", "time": "2023-11-10T15:26:07Z"}, {"author": "Ties de Kock", "text": "<p>This probably could be made more elegant. But to my knowledge it is not a significant problem at the moment</p>", "time": "2023-11-10T15:26:43Z"}, {"author": "Chris Morrow", "text": "<p>'elegant' meaning what?</p>", "time": "2023-11-10T15:32:34Z"}, {"author": "Ties de Kock", "text": "<blockquote>\n<p>'elegant' meaning what?</p>\n</blockquote>\n<p>A more compact encoding. Or use more options during encoding. Right now it is all additive, some scenario's you can probably describe better when you can subtract from what is authorised as well.</p>", "time": "2023-11-10T15:35:58Z"}, {"author": "Randy Bush", "text": "<p>ii want an anti-ROA!!!</p>", "time": "2023-11-10T15:37:12Z"}, {"author": "Ties de Kock", "text": "<p>I can see the cases where it is a more efficient encoding. [Yet] As a CA operator, I do not see the need [at the moment]</p>", "time": "2023-11-10T15:37:44Z"}, {"author": "Job Snijders", "text": "<p>RPKI Prefixlist is a working group document; at this point in time I personally think the current flat list is the most elegant approach - but I'm happy to review proposals that make the encoding more efficient provided we can get there without sacrificing our kidneys for complexity.</p>", "time": "2023-11-10T15:38:28Z"}, {"author": "Ties de Kock", "text": "<p>(I was talking about ROAs)</p>", "time": "2023-11-10T15:38:40Z"}, {"author": "Chris Morrow", "text": "<p>ah... I mean you COULD do something like randy's anti-roa, but you COULD also publish chunks of  a /32 as: /40 -&gt; /48 ASN0</p>\n<p>with subnet holes as /48 exact (for instance) for proper Origin.</p>\n<p>I don't think that's actually better though. (still have to publish the exact end-site ROA)</p>", "time": "2023-11-10T15:40:39Z"}, {"author": "Doug Montgomery", "text": "<p>Question for Carlos / LACNIC - if you permit an organization with a  re-assigned/re-allocated address block from a provider, without creating a new ResCert for that specific sub-block, do you limit the range of prefixes that customer could create through UI/APIs?   The aggregate cert would permit broader ROAs.</p>", "time": "2023-11-10T15:51:09Z"}, {"author": "Chris Morrow", "text": "<p>the roa count as a problem I dont' really understand I guess.</p>\n<p>no human is thinking / remembnering / etc these things, robots do, and robots have craploads of memory.</p>\n<p>and databases understand how to keep track/index items of interest.</p>", "time": "2023-11-10T15:55:23Z"}, {"author": "Chris Morrow", "text": "<p>so the conversation is that 'robots do not have databases' which I think is also false.</p>", "time": "2023-11-10T15:57:27Z"}, {"author": "Randy Bush", "text": "<p>but do they dream of electric certificates?</p>", "time": "2023-11-10T15:58:13Z"}, {"author": "Chris Morrow", "text": "<p>this is also a fair question.. we don't want them doing the wrong thing, so we have protections... tests.</p>", "time": "2023-11-10T15:58:44Z"}]