Minute taker: Job Snijders
Chair: Russ Housley

Chair welcomes everyone and reminds the group to adhere to the "note

No objections were made to the agenda as proposed.

Chair update on rfc8210bis

ASPA RTR plan:

No objections

Sriram Design Analysis of RPKI Prefixlist

An RP can discard BGP updates that are originated by a given AS that
created a RPKI PrefixList and didn't list the prefix in the BGP update.

Internet-Draft doesn't answer whether it's exact matching or
more-specifics are also permitted.

Validation states currently are: invalid & not invalid.

Sriram iterates over a number of problems solved by RPKI PrefixList.

Geoff Huston asks why is it bogus from the RP perspective? ROAs are not
bogus when prefix isn't listed on the PrefixList. ROA is a one-way

Ties de Kock comments "Doesn't ASPA solve this better?" Sriram will
return to the question.

Sriram moves on to reflect on Operational Considerations for splitting a
prefix, or adding a new prefix.

Job Snijders provided suggests that we should not try to be 'clever' by
optimizing aggregation; instead, strive for 1:1 mapping between BGP and
PrefixList. AS_SETs should just be killed as suggested in Warren's

Tim Bruijnzeels might see some value in NotFound state, but doesn't feel
super strong.

Warren suggests 'egress verification' on the AS EBGP router so that
people can easily see mismatches between PrefixList and actual router

Geoff Huston agrees with everything Job said. Don't discard the BGP
UPDATE; instead, keep it in Adj-RIB-In.

Ben Maddison suggests a third-state for diagnostic purposes isn't
needed, because it is super easy to see if an AS has a PrefixList or
not. Suggests a paragraph to explicitly mention BGP updates should be
stored in Adj-RIB-In.

Rüdiger Volk says that "source representation" for the prefixlist takes
same syntax for IP address notation in RPSL, which is a quadrupple.
Rüdiger prefers to implement RPSL route-set expressions because its very

Ties de Kock asks a question about ASPA: Ties wants to compare all
RPKI-based technologies in partial deployment scenarios to help
understand priorities. Ties will work on this to answer it himself.

Ben Maddison suggests that the object be a flat simple list; and instead
in a user interface a "RPSL to RPKI Prefixlist"-converter is provided.
Doing RPSL expressions in ASN.1 is too hard. On-the-wire encoding should
be as simple as possible.

Job repeats that maintaining proper Adj-RIB-In is the best solution.

Operational Granularity of RPKI ROA Management - Yanbiao Li

More than half of BGP routes are covered by ROAs, but ROV is lagging.

CSTNET doesn't issue ROAs yet, because it perceives operational risks.
Human error is the big risk, but even without human error the presenter
sees issues.

Problem 1: Dillema in setting maxlength.

Rüdiger Volk and Ben Maddison interrupt the presenter and ask for an
explanation of the problem, because the ROA profile allows functionality
exactly matching what the presenter is showing; there some confusion
what problem is being raised.

Job Snijders interrupts the presenter and points out that a single ROA
can contain multiple prefixes, and RPKI Manifests are used to provide
'atomic update' mechanism. Job is happy to elaborate off-list on ROA
encoding and manifests in more detail.

Presenter suggests to extend ROA to also use bitmasks.

Chair Russ reminds the group that there is 5 minutes left.

Wrap Up

Chair Russ: There have been some hallway discussions about some
remainging concerns with the ASPA Internet-Drafts. If there was time, we
would have discussed those concerns under the "Any Other Business"
agenda item. We do not have time for that discussion. Please take it to
the mail list.

Chair Russ: IETF 118 closed a minute ago, so is this session now over