SIDROPS IETF#125 Minutes

Administration

Russ went through the Chairs slides.

In particular, Russ reported that:

• draft-ietf-sidrops-8210bis, draft-ietf-sidrops-aspa-verification,
  and draft-ietf-sidrops-aspa-profile are ready for WGLC (polishing
  implementation reports).
• draft-ietf-sidrops-publication-server-bcp: new revision addressed
  comments raised during previous WGLC. Ready to move forward.

The RPKISPOOL format data materialization as used in RPKIViews

• Speaker: Job Snijders

No discusion.

A Profile for Mapping Origin Authorizations (MOAs)

Speaker: Chongfeng Xie

Luigi: An implementation report and a seperate draft for the
RPKI-to-Router (RTR) Protocol Data Unit (PDU) are required before moving
to WGLC.

Di Ma: Should consider incremental deployment.

Job: Manifest is a complex feature of the RPKI toolset. I recommend
against changing its structure.

Rob Austein (chat): I tend to agree with Job's comment about leaving
manifests alone. Skipping payload objects one doesn't care about is not
a big deal for a validator; changing the core validation logic that has
to walk the CA certs and CRLs and manifests is a much bigger deal, and I
suspect it's not worth it unless and until we hit major scaling limits.

Tim Bruijnzeels (chat): I agree that we should not change the manifest
format, at least not lightly. On the other hand I do agree that with
additional object types we need to think about the growth of rpki data -
especially if those new types would be short lived (lots of churn). I
don't have an answer yet - but I think the Erik idea will help at least
somewhat with scaling and deduplicating.

Update on the Erik Synchronization Protocol

Speaker: Job Snijders

No disussion.

YANG Data Model for RPKI to Router Protocol

Speaker: Jishnu Roy

Job: CCR is stable and waiting for implem reports.

Luigi: Noted the yangdoctor review, but an implem report is needed to
start the WGLC.

RPKI Repository Delta Protocol (RRDP) Delta File Retention Policy

Speaker: Libin Liu

Job: concerened about complexity vs cost.

TLS Authentication for BGP

Speaker: Jeffrey Haas & Bob Beck

Nan Geng: what is the link with the work about BGP over QUIC?

Jeff: Will take on that and similar work.

Job: Target creating a tiny WG for this.

Jeff: This makes sense.

ASPA-based AS_PATH Verification for BGP Export

Speaker: Jia Zhang

No discussion.

RPKI-based Validation with Prioritized Resource Data

Speaker: Jia Zhang / Chongfeng Xie

Rob Austein (Chat): I am extremely skeptical of cost/benefit.

Update to SOA-based SAV

Speaker: Minglin Jia

Nan Geng: this is not a traditional SAV as there might be multiple hops
from subscribers. Maybe consider destiantion dimension.

Minglin: Maybe complicated

Lancheng Qin: Issue with the name and the solution does not leverage
RPKI.

A Profile for ROV Deployment Transparency

Speaker: Sitong Ling

Job: Concerns with self-asserted info.

Warren Kumari (chat): This looks much more reasonable than I had
thought... Yes, I have to trust the assertion, but if X says it does
ROV, and Y doesn't, well, I might want to use X over Y.

Rob Austein (chat): I probably missed something (it's late) but this
smells a bit like the DNSSEC AD bit, which is useful in certain limited
contexts but only in those contexts.