►
From YouTube: IETF93-GROW-20150720-1850
Description
GROW meeting session at IETF93
2015/07/20 1850
A
A
Ok
guess
not
come
to
the
dark
side.
We
have
cookies,
ok,
so
I'm
Chris!
This
is
Peter.
This
is
the
grow
meeting
at
IETF
93
in
Prague,
if
you're,
not
in
Prague,
that
you're
in
the
wrong
place.
If
you're
not
the
grow
meeting,
you're,
also
in
the
wrong
place,
here's
the
note!
Well,
it's
new
fancy,
no
toil
it's
much
shorter!
You
can
read
it
quicker
see.
It's
all
done.
A
Look
that's
good.
I,
like
your
focus,
seems
like
it's
totally
on
on
schedule.
I
just
leave
like
that.
That's
fine,
all
right,
so
we'll
have
a
great
display.
So
we
have
a
draft
status
thing.
Then
we're
going
to
go
over
a
couple
of
the
current
drafts
there
in
work
for
people
to
get
some
updates.
Two
quick
things:
John
Scudders,
not
here,
but
his
his
draft
he
sent
in
instead
of
comments.
It's
think
he's
almost
all
done
for
we're
in
we're
in
last
call
at
this
point
in
which
ends
a
week
after
the
ITF
ends.
A
You
all
should
make
sure
to
read
the
draft.
There's
a
bunch
of
invitations
already
in
the
field,
they'd
be
good
to
make
sure
that
what
the
draft
is
and
the
implications
are
matchup
and
for
the
ordering
we're
going
to
have
job
go
before
shriram,
so
we'll
see
thomas,
then
job,
then
shriram.
So
let's
go
over
the
draft
status
oops,
alright,
so
the
filtering
threats,
there's
an
update
coming
you.
The
last
call
comments.
I
think
this
is
the
one
that
actually
got
comment
gotta
rev
in
today,
so
there
should
be
a
new
version
of
this
today.
A
A
The
bgp
shut
up-
I
talked
about
this
orgy
shet
life.
We
talked
about
this
at
the
last
meeting.
I,
don't
honestly
remember,
what's
going
on
with
it,
it's
expired
and
I
have
to
pay
my
offers
or,
if
you're
here
this
is
this
is
the
one
that
lasts
is
a
venom
on
deck
for
ever
and
ever,
and
it's
waiting
on
something
else
to
get
done.
A
Oops
jobs
are
psl
via
he's
going
to
talk
to
us
today
about
that.
The
routing
policy
considerations
Oh
sorry.
This
is
the
one
that
just
got
to
read
today,
Eric
put
in
the
comments
and
today
he's
had
a
brand
new
baby,
so
he's
been
busy
with
other
things
and
the
route
server
operations
thing
is
in
the
editor:
q.
That's
actually
waiting
on
someone
on
the
eye.
Dr
version.
C
Do
you
hear
me
okay,
good
good,
so
my
name
is
Thomas
King
and
I'm,
talking
about
the
black
hole,
xpppp
community
for
plague
holding
at
Ike's
peace,
internat
rafts?
That
is
joint
work
together
with
some
folks
from
the
aurochs
community
and
the
mother
folks.
Next,
please,
let
me
quickly
motivate
this
works.
The
problem
is,
if
you
are
connected
to
an
IXP
and
hit
by
a
massive
dealers
attack,
it
might
happen
that
you
experience
is
people
congestion,
which
means
that
yeah
that
Majesty
does
attack
contrast.
C
0
plot
at
I,
XP
and
legitimate
traffic
will
then
be
disturbed
by
that
next
epic
can
be
reserved
by
using
black
awning,
which
some
XP
is
already
provide,
and
the
idea
is
that
you
trap
the
black
holding
traffic
already
on
the
ice
P
platform
so
that
it
does
not
disturb
with
legitimate
traffic
and
your
IX
people
are
congestion
is
resolved.
The
black
holing
itself
is
triggered
by
PGP
announcements.
C
Next,
for
that
we
had
some
discussion
or
on
the
irex
irex
community
for
that
mainly
into
Ryan
August
last
year,
and
we
finally
came
up
with
with
a
PTP
community
that
is
65535
trade
06.
The
reason
is
that
655
switz
5
is
a
reserved,
a
zen
and
the
whole
number
is
in
the
well-known
PP
committee
space
and
not
used.
So
we
might
ask
iana
to
provide
this
number
to
us,
and
the
good
thing
is
that
it
doesn't
conflict
with
any
existing
trigger
mechanisms.
So
we
can
have
those
during
a
transition
phase
on
xix
peace.
C
Next,
so
then
what
happened
as
yeah
as
I
said,
we
drafted
that
internal
draft
is
ability
to
the
working
group
and
then
wait
quite
some
good
discussions
about
this
concept
under
ideas.
And
let
me
could
you
summarize
what
we
discussed
so
far.
First
trip
snarls,
Christian
diet
and
some
other
fans
are
always
committee
already
requested
to
extend
to
be
gb
community
for
trading
black
holes
at
XPS
and
ISPs,
so
that
you
can
also
use
this
black
hole
community
for
throwing
black
holes
that
you're
trans
provider
upstream
tomorrow
I'm
from
the
XP
communities.
C
C
You
that
was
fast
good
earning
then.
The
next
comment
was
from
shops,
mallets
and
Treasury
house.
They
requested
that
p2p
speakers
receiving
a
black
hole
announcement
must
add
and
no
expert
on
or
advertised
if
it's
not
present
there
to
that
announcement.
I
think
that
the
reason
they
will
request
from
my
point
of
view,
we
should
add
such
a
statement
in
the
traft
already
in
the
draft.
C
Is
that,
because,
should
add
and
not
must
add,
so
we
should
clarify
that
they
have
to
do
that
and
but
before
we
can
finally
do
that
we
we
have
to
find
a
solution
for
the
third
proposal,
because
traffic
are
sequestered
said
only
that
the
black
hole
behavior
should
only
be
permitted
if
and
only
if
it
also
contains
no
expert
or
advertised.
So
my
point
of
view,
that's
a
little
bit
little
bit
harsh,
but
in
the
end,
it's
up
to
you
guys
it's
working
good
position.
C
E
F
C
G
G
D
This
morning,
I
took
a
look
in
the
13
I,
our
databases
that
we
near
Earth
entity
and
I
found
293
entries
that
refer
to
either
export
via
or
import
via.
So
to
me,
this
kind
of
proofs
that
people
are
actually
using
the
methods
in
the
world
and
I
already
the
software
that,
for
instance,
already
be
an
entity
used
to.
F
D
Like
him
better
soon,
all
right
and
there
I
rd,
supports
it
and
it's
deployed
major
sites.
The
right
who
is
server
also
will
accept
attributes
and
do
some
syntax
checking
on
what
is
presented,
and
it
covers
the
the
two
major
irr
server
implementations
that
are
out
there
in
the
world
and
there's
also
an
actual
organization
that
does
interpretation
of
these
attributes,
namely
the
MSM
internet
exchange
route
servers.
D
It
is
through
these
attributes
that
you
can
control
what
is
either
exported
towards
your
ASM
or
how
you
want
your
route
to
propagate
to
other
participants
at
that
particular
internet
exchange.
Maybe
there
are
other
deployments
in
the
world.
I
don't
know,
but
this
is
what
it
is
today
next
slide.
Please
here
are
some
examples
from
the
world.
D
D
D
So
my
plan
is
to
remove
the
the
ed
in
F
specification
as
a
currently
stands
in
the
draft.
I
want
to
replace
it
with
some
Python
code
that
also
uses
a
dnf
style
syntax.
So
people
can
actually
use
the
item
program
to
either
validate
whether
an
entry
is
appropriate
or
not,
and
the
Python
program
could
also
output
some
data
that
can
be
used
in
the
actual
routing
policy
on
a
route
server,
so
I
hope
that
will
help
people
that
want
to
implement
this
particular
attribute
at
their
route.
G
H
H
Since
march,
since
the
dallas
meeting,
there
have
been
two
more
they've
been
to
more
reports
about
major
significant
route
leaks,
one
involving
hathaway
airtel
and
another
one
involving
telekom,
malaysia,
a
level
three.
So
these
two
both
fall
into
the
tight
one
category.
If
you
are
trying
to
figure
out
what
type
1
type
2
are,
you
can
quickly
go
to
the
last
slide
and
I
have
listed
them
just
in
case.
You
need
to
be
refreshed
on
that.
H
But
hopefully
you
know
that
know
that
different
types
type
one
is
basically
where
the
update
makes
a
u-turn
like
a
yeah.
It's
it
should
not
be
propagating
from
a
customer
to
a
provider,
but
but
it
does
customer
leaks
it
to
a
provider.
So
both
of
these
incidents
in
March
and
again
in
june,
fall
into
the
type
one
category
in
and
then
we
added
the
again
the
example
of
telekom,
malaysia,
wire
level
3
in
type
2
as
well.
H
But
in
this
case,
while
the
leak
happened,
they
also
got
d
aggregated
and
the
supply
fix
kind
of
made,
a
u-turn
from
from
Malaysia
telecom
towards
a
level
three
and
into
the
larger
internet.
So
those
are
additional.
Examples
of
incidents
have
been
added
and
Brian
Dixon
is
included
as
an
author
now,
and
we
have
added
several
new
references
that
are
quite
relevant
makes
life.
So
this
is
just
to
give
you
a
little
bit
more
view
of
robotic
what
actually
happened
in
the
case
of
hathway
Airtel
route
leaks
involving
google
prefixes.
H
H
Normally,
a
orange,
a
lot
of
Google
users
in
France
Europe
would
go
through
orange.
They
take
I
would
go
through
orange
to
level
three
to
google.
That
would
be
the
normal
data
path,
but
in
this
case
I
had
to
a
leak,
those
prefixes
to
airtel.
It
will
didn't,
detect
it
and
propagated
it
on
and
because
of
the
preference
of
you
see
all
those
links
labeled
as
c2
PP,
2,
b,
etc.
H
The
any
prefixes
that
come
from
a
customer
are
preferred
over
prefixes
learned
from
appear
or
a
provider,
and
in
this
case
it
was
set
up
to
a
pod
for
the
hacker,
a
leak
to
propagate
through
Airtel
to
orange
sa
and
level
3.
Because
of
that
policy.
Prep
little
customer
policy
so
as
a
desire
to
be
I
mean
the
millions
of
users
in
your
open,
also
in
Singapore
and
other
places
in
Asia.
H
They
they
there
traffic,
ended
up
at
Hathaway
and
and
got
dropped
on
the
floor
there
because
of
lack
of
capacity,
as
so
that's
a
I
mean.
So
this
is
a
maybe
be
talking
about
these
examples
and
how
to
tackle
this
in
the
other
draft.
The
solution
draft
next
light,
so
here
I
thought
talk
a
little
bit
about
good
trying
to
differentiate
between
accidental
versus
intentional,
and
this
discussion
came
up
on
the
eye.
Dr
list,
so
most
loudly
assume,
I
think,
are
accidental,
maybe
ninety
nine
percent
of
them.
H
You
can
pick
a
number,
but
certainly
a
large
vast
majority
and
a
one-percent.
Maybe
a
small
correction,
like
one
person
may
be
intentional
or
malicious,
and
some
examples
of
the
malicious,
malicious
ones
would
be
intentional.
Leak
of
a
more
specific
prefix,
as
in
the
capella
philosophic
mo
so
more
specific
prefixes
may
be
intentionally
leaked
with
the
asf
are
intact,
so
that
there
is
Pat
poisoning
and
exactly
like
in
couple
apples
of
the
update,
propagates
everywhere
and
wings
over
thus
less
specific.
H
But
so
that
would
happen
accidentally
like
we
saw
in
the
previous
slide
with
Malaysia
telecom
level
three,
but
it
could
also
be
intentional
or
malicious.
The
next
example
is
sorry,
go
back
please.
So
the
attacker
keeps
the
legitimate
originals,
but
removes
all
other
proceeding
a
SS
in
the
a
s
path,
so
shortens
the
earth
s
part,
and
by
doing
this,
his
announcement
will
have
a
shorter
route
to
the
destination.
H
Also,
here
the
attacker
is
trying
to
deceive
the
origin.
Validation,
assuming
that
rpki
and
origin
validation
are
being
used.
This
by
doing
is
the
attacker
is
also
trying
to
deceive
origin
validation,
because
the
legitimate
is
is
still
showing
as
the
origin.
So
these
are
examples
and
the
third
one
would
be
a
question
is
like:
could
there
be?
Is
there
any
attack
vector
suppose
we
do
come
up
with
some
solution,
which
involves
putting
some
new
bits
to
try
to
detect
route
leaks
and
can
those
in
those
new
bits?
H
H
H
The
work
here
is
mainly
to
define
the
doubt
leaks,
which
we
have
done
in
there.
They
are
documented
in
the
definition
draft,
but
forgive
me
here
for
going
a
little
bit
into
the
solution,
but
just
this
one
slide,
so
the
solution
steps.
If
you
are
concerned
about
the
X
in
accidental
versus
intentional,
what
would
happen,
as
you
start,
considering
the
solution
so
initially
current
DGP?
It
is
vulnerable
to
the
accidental,
which
may
be
ninety
nine
percent,
or
you
can
pick
your
number
and
it's
also
vulnerable
to
the
malicious,
the
one
percent
route
leaks.
H
So
if
we
start
working
towards
a
solution,
for
example,
put
some
route
lake
protection
bits
as
in
the
other
draft
the
solution
draft
in
IDR.
If
you
start
incorporating
a
solution,
then
new
attack
vectors
can
begin
to
happen.
So
in
this
case,
if
you
have
those
are
out
lake
protection
bits
and
you
have
the
rpi
origin
validation,
what
happens
is
that
be?
H
It
solves
the
accidental
at
out
leaks
a
problem,
but
it
still
leaves
the
malicious
unresolved
or
unsolved,
and
when
we
go
to
secure
those
Bitzer,
then
then
the
ninety-nine
percent
accidental,
as
well
as
the
one
percent
malicious
they
are
all
detected
and
mitigated
by
the
solution
next
five
weeks.
So
I'll
have
a
presentation
about
the
solution
on
friday
in
cider.
I
already
did
that
in
an
interim
meeting
with
IDR
three
weeks
ago.
H
So
since
then
there
has
been
substantial
discussion
about
the
solution
stopped
on
the
idea,
at
least,
and
it's
been
adopted
by
the
chairs
as
a
working
group
draft.
Now
next
like
this.
So
if
you
are
interested
in
more
details
about
the
solution
proposal,
please
come
to
the
sided
meeting
on
friday
and
so
finally,
coming
back
to
the
definition
draft.
So
all
the
comments
we
comment
receive
them
quite
a
few
comments
from
many
people
and
they
have
been
all
incorporated
and
just
have
been
devised
already,
two
or
three
times
I.
H
So
possibly
it's
a
good
time
to
request.
Working
group
last
fall
on
the
definition
draft
and
we
could
possibly
include
a
section
to
discuss
accidental
worst
versus
malicious
route
leaks,
which
would
be
a
minor
change,
a
small
section,
a
paragraph.
However,
that
starts
to
get
into
a
solution
space.
So
we
would
be
a
little
bit
wary
about
it.