►
From YouTube: IETF97-SIDR-20161117-1520
Description
SIDR meeting session at IETF97
2016/11/17 1520
A
C
C
B
D
Good
afternoon
this
is
thursday,
I
think
thursday.
Yes,
thursday,
this
is
the
slider
working
group.
If
you
think
you're
in
a
different
reading
group
you're
in
the
wrong
room,
you
should
move
or
you
could
stay,
it
might
be
fun.
Hopefully
this
is
our
last
face-to-face
meeting
we'll
see
how
it
goes.
That's
our
plan
we
had
a
little
presentation
on
the
laptop
doesn't
want
to
work
event
so
give
us
a
moment,
while
Jared
fiddles
around
and
gets
it
to
work.
Cuz
it'll
work
on
his,
not
mine,.
D
D
Now
we're
really
ready,
there's
a
that's
us
we're
here
in
Seoul
today's
Thursday
said
Irwin
group
again,
if
you
think
you're
in
the
wrong
place,
you
should
leave
or
stay
cuz.
It
might
be
fun
next.
Please
note
well
you've
seen
this
will
see
the
next
one.
Two
great
new
note
well
summarized
less
words.
Next
Oh
third,
one
great
cuz,
always
the
three
options:
much
better.
Next,
here's
where
all
the
stuff
is
there's
a
mall
that
most
of
that
doesn't
really
matter
anymore,
I,
guess,
but
anyway,
okay,
there's
a
jabber
room.
Somebody
will
be
jab.
D
D
All
right,
I'll
take
notes:
okay,
oh
there's
blue
sheets
coming
around.
Please
sign
them
so,
the
next
time
we
have
a
meeting,
we
can
make
sure
to
get
the
right
size
room.
We
have
a
minute
sticker.
That's
me,
we
have
a
Java
scrab,
that's
Dan
and
we
have
an
agenda
which
we
can
go
smash
up
in
a
minute
here.
Okay,
we
have
some
weird
group
status,
so
I'm
gonna
have
to
this
isn't
entirely
or
maybe
it
is
accurate,
I
didn't
look.
We
have
a
bunch
of
things.
D
D
Maybe
that's
zero
I
think
that
might
actually
be
one
or
two
in
the
editor
at
this
point
is
Gia's
processing,
I,
don't
know
exactly
if
that
just
means
I
hg
strictly
or
Alvaro
on
his
own
there's
like
six
or
seven
documents,
at
least
enough
RSQ
for
us,
maybe
as
many
as
90
anyway,
numbers
and
words.
Next,
okay,
gosh
I
should
have
read
sandy
slides
before
I
walked
in
here.
Ok,
so
there's
seven
act
that
active
documents
we're
still
dealing
with
again.
Some
of
those
are
getting
moved
to
the
to
the
ops
area,
eventually
by
Chicago.
D
D
F
Successor
in
the
place
where
we
would
have
on
the
remaining
working
documents
that
are
not
being
advanced
by
by
the
routing
a
DS,
so
this
was
relatively
well
received,
so
it
actually
has
been
chartered
on
the
IHG
approved
it.
As
of
11
8,
we
have
two
chairs
installed.
You
will
notice,
one
of
them
looks
kind
of
familiar
so
well.
Actually,
both
of
them
look
familiar.
One
of
them
is
currently
the
chick
currently
that
chair
here,
so
that
should
be
a
little
continuity.
You
should
give
us
some
fresh
blood
and
I
I.
F
Think
one
of
the
things
that
we
now
have
to
work
on
apart
from
actually
starting
this
effort,
is
what
do
we
do
next.
So
we
have
charter
items
that
take
us
through
the
end
of
2017.
Most
of
those
documents
already
exist,
so
the
act
of
creating
them
and
bringing
them
to
the
working
group
and
asking
for
consensus
to
adopt
them
is
essentially
already
a
solved
problem,
and
that
means
what
remains
is
to
do
that
work,
but
I,
don't
think
cider
Ops
will
be
done
by
any
means
just
because
those
documents
are
completed
so.
F
I
would
actually
recommend
that
people
take
a
look
at
the
Charter
as
it
exists
now
take
a
look
at
the
mailing
list,
which
is
fresh
and
shiny,
and
you
should
join
it,
and
this
effort
will
commence
so
I
think
next
slide.
Please
I
think
they
should
be
done.
So
these
are
the
documents
that
were
fed
out
of
cider.
These
are
our
initial
work
items
and.
F
F
Yep
please
subscribe
and
next
slide.
Please
should
be
it.
Oh
there's.
Our
final
charter
I
think
very
important
to
me
and
feedback
that
we
got
from
you.
Folks
I
was
that
operators
doesn't
just
mean
arm
network
operators,
I
mean
CA
operators,
it
means
regional,
national
and
local
internet
registries.
It
means
the
people
developing
the
relying
party
software
because
that
stuff
has
to
run,
and
it
means
the
research
and
measurement
community
that
are
working
in
the
stuff
all
the
time
so
I.
F
G
F
F
H
E
I
J
Yeah
Tim
ghazals
records
to
see
I
had
a
question
about
the
the
the
chart
at
work.
If
you
will
or
well
mature,
that's
a
correct
phrase,
but
the
the
items
that
already
listed
for
the
first
milestone.
So
how
does
it
work
if
we
want
to
bring
a
new
work
or
unnaturally
so
move
some
of
the
work
that's
currently
insider
over
because
it
happens
to
be
more
operational,
yeah.
F
So
a
the
current
slider
working
group
in
my
understanding
is
going
to
get
closed
down
as
soon
as,
if
not
by
the
end
of
this
meeting
as
soon
as
the
work
items
that
are
passing
through
the
isg
are
our
proper,
properly
processed.
So
if
you're
considering
new
work,
you
will
the
way
to
ask
if
it's
appropriate
to
do
it
insider
is
to
actually
kind
of
look
at
the
Charter
and
see
if
it's
so
if
it's
covered
and.
F
I,
don't
think
we
that's
something
that
I
will
have
to
discuss
with
the
with
the
working
group
chairs,
but
I
don't
think
that
it's
necessary
for
us
to
advance
them
right.
We
can
actually
all
that
actually
has
to
happen
for
a
doctor
advances
that
we
move
it
into
the
appropriate
queue
right
so
that
we
don't
have
to
change
the
title.
To
do
that.
I
can
just
make
myself
the
responsible
ad
okay
and
then
click
the
button
right.
So
that's
that's
not
really
a
I,
don't
think.
There's
a
process
impediment
to
us.
F
K
Could
don't
folks
I'm
taking
films,
ideas
and
today,
I
would
like
to
introduce
the
update
of
the
document
I'm
slum.
So
that's
like
please
thank
you
before
we
are
piff
I
introduce
update.
I
would
like
to
remain
as
well
review
the
what
the
term
documented
in
intended
for
and
how
it'll
do
it
so
motivation.
The
motivation
is
quite
straightforward.
People
want
to
get
some
local
control
ability
as
far
they
are
concerned
about
the
impact
exerted
by
the
RPK.
So,
okay,
so
for
one
thing,
network
operators
may
want
to
selectively
a
ride.
K
K
How
would
you
sum
do
it?
Saddam
would
in
label
the
relying
party
to
override
Izzy
vana
data
cache
by
adding
something
and
across
the
an
something
quite
easy
explain.
Please
update
overview.
We
did
reorganizing
the
layout
and
rewrite
his
use
case,
giving
a
love
you
give
her
back,
adding
a
dupe
figure
to
the
document,
adding
a
more
tactical
security
considerations,
except
thank
you.
K
As
for
we
organize
the
layout
to
help
people
to
share
the
document
together,
the
idea
behind
the
document
easy
this
updated
document
go
from
the
general
description
to
the
very
detail
from
section
by
section
section
by
section,
I
think
it's
it's
a
confirms.
Two
people
also
call
cognitive
style,
so
X
I,
please
you
scale
revere
him.
Salam
was
born
to
do
more
than
cooking
weezy
private
internet
lumber
resources.
K
There
was
a
last
version
of
this
document,
focus
on
that
and
since
Aslam
takes
action
to
the
van
atender,
cash
it'll
actually
can
be
used
by
the
relying
party
locally
to
to
remedy
the
mistake
from
the
RPK
at
its
discretion
lose
out
maxim
described
her
here,
I
just
applied
locally.
They
don't
influence
how
other
network
operators
to
integrate
to
the
applicant
enter
I
would
reiterate
locally
as
much
as
I
can
to
keep
people
away
from
thinking.
Aslam
is
kind
of
a
pure
data.
K
K
It's
looking
at
the
four
seconds
next
time.
Please
excuse
me
security
considerations,
saying
slum
are,
has
a
privilege
to
convey
the
final
information
to
a
rally
system.
I
think,
is
quite
important
as
a
correcting
threat
from
the
RPK
between
rpk
and
on
routing
system.
So
this
section
dissolve
more
deliberations
and
the
text.
To
sum
up,
we
need
three
risk
in
terms
of
some
use.
K
Each
manipulation
on
assertions
about
long
private,
intellect
lamba
resources,
active
happens,
arrows
the
inner
salaam
file,
a
quite
obvious
and
authenticity
and
integrity
of
the
some
fog
could
be
wracked.
If
the
relying
party
updated
it's
some
fire
over
the
network
x,
I,
please,
this
part
is
quite
it's
kind
of
interesting,
Tim
and
Rob.
K
A
BF
based
the
description
in
this
document
is
actually
not
the
slump
out.
Salam
configuration
file,
while
the
Jason
XML
I
am
for
mate.
Configuring
file
is
what
the
relying
party
would
use
to
configure
in
practice.
Not
being
said
about
a
BF
based
format
is
is
kind
of
instruction
to
indicate
how
the
some
configured
file
should
be
shaped.
So
that
being
said,
I
think
a
behalf
is
really
really
indispensable
as
a
full.
K
Expressing
the
initial
logic
of
some
configuration
file
for
one
thing,
implementers
have
to
write
into
a
code
to
make
RP
to
execute
a
certain
function,
energies
on
Lou
matter,
which
kind
of
configuration
file
you
are
used
and
the
some
configuration
file
itself
doesn't
tell
how
they
are
P.
How
to
do
what
to
do.
It
just
provides
the
input
information
that
some
functionality
execution
needs
so
I'm.
As
a
concurrent
on
my
personal
opinion,
my
preference
on
this
issue
would
be
a
keep
a
BF
description
in
this
document
to
express
it.
K
Ok.
These
are
the
examples
of
some
file.
Lex
I,
ok
about
the
implementation
plan,
speaking
LZ
a
demonstrator
or
Orchestra,
which,
by
the
way,
is
a
wine
kind
of
the
relying
party
software.
We
are
going
to
support
some
functionality
in
the
coming
future.
By
the
way
my
team
is
now
working
only
when
it
does
should
reconsider
algorithm.
So
that's
the
legs
job
next
time,
please.
Thank
you.
Ok
I
would
like
to
extend
my
sensitive
Kent
for
his
guidance
and
the
detail,
reviews
in
preparing
this
document
and
very
much.
Thank
you
very
much
to
a
team.
K
J
J
So
when
David
made
a
document,
because
ripster
is
doing
some
of
this
as
well
and
also
for
adoption-
I
said:
let's
go
because
I
think
it's
better
to
standardize
with
regards
to
the
semantics
of
how
you
should
treat
essentially
ignore
filters.
I
don't
use
this
that
you
find
in
the
RBI
these
these
prefixes
or
these
yes
numbers,
and,
let
me
add,
my
local
editions.
J
I
have
no
no
problems
with
the
document
whatsoever.
It's
actually
exactly
the
same
as
what
we
are
doing,
but
it's
good
to
have
a
defined.
What
I
do
have
an
issue
with
is
the
the
file
format,
because
we
did
talk
about
this
before
and
well.
We
can
agree
to
disagree,
but
I
think
it
would
be
much
better
if
we
had
in
fact
just
one
specification
for
this
file
format
for
interoperability
sake,
so
you
could
use.
J
The
a
B
and
F
format
that
this
gurney
or
was
in
in
the
previous
document
at
least,
is
well
defined
and
is
something
that
can
be
edited
by
humans,
but
library
support
for
it
is
very
limited.
So
that's
why
I
wouldn't
want
to
have
it.
I
would
like
to
have
a
format
that
is
both
it's
easy
to
to
read
and
edit
for
humans,
but
machines
alike,
of
the
other
choices.
We
went
through
this
on
the
in
private
conversation
that
I'm
sharing
this
with
the
group.
J
So
you
know
yes,
you
can
have
XML,
but
I,
don't
think
that's
very
good
for
humans
either
you
can
have
Jason,
which
we
are
currently
doing,
but
still
not
ideal
for
you
for
humans,
I.
Think
of
the
choices
there.
Yellow
is
probably
the
best,
because
it's
easy
to
add
it
easy
to
understand.
Yet
there
are
a
ton
of
libraries
out
there
that
allow
you
to
bosses
will
also
generate
this.
The
audience
is
important
because
part
of
the
updates
go
through
user
interface,
not
through
the
command
line.
So
we
want
to
reliably
write
these
things.
J
Then
another
thing
in
the
content
comments
in
the
file
are
now
just
in
the
file.
I
believe
those
should
be
first-class
citizens
of
the
format
you
can
discuss
this
later,
as
we
continue
this
work,
but
then
we
can
preserve
them.
Finally,
I
want
to
suggest
future
work
on
this
as
well,
because
we're
looking
at
the
files
now
but
I
believe
that
an
API
that
allows
people
to
dynamically
make
changes
like
this
would
also
be
very
useful
work.
J
K
Thank
you,
Jim
I,
totally
agree
with
you.
You
will
be
very
helpful
to
this
issue.
Just
I
may
miss
miss
one
thing.
I
during
my
presentation
are
we
have
difficult
in
providing?
Is
the
abstract
template
for
Jason,
for
instance,
format
without
providing
a
concrete
usage?
You
know
what
I
me
a
BF,
it's
quite
easy
to
express
the
essential
logic.
Even
if
you
don't
have
a
concrete
eulogy.
E
K
G
J
J
J
So
yeah,
that's
the
rightmost
example
there,
but
it's
a
bit
difficult
to
read
from
here,
but
in
any
case
that's
a
discussion.
We
can
continue
on
the
list,
but
it's
exemplify
that
I
don't
think
his
work.
Is
there
yet
I
think
it
is
going
in
the
right
direction
and
I
would
love
to
continue
this
work
inside
also,
but
Kim.
K
M
M
M
K
M
Okay,
if
I
right,
relax,
ng
schema
for
the
XML,
it
looks
damned
like
a
grammar
like
you're,
a
B
and
F,
and
it
also
is
not
the
final
format
of
what
is
going
in
there,
but
it's
defining
the
syntax
and
it
and
it
exposes
the
structure
on
which
you
want
to
tag
on
the
semantics,
ok
and
well.
Okay,
for
the
other
formats,
probably
some
way
of
defining
a
schema
is
also
available,
though
at
the
moment
the
XML
actually
does
that
better.
Okay,
thank.
K
J
No
yeah,
thank
you.
I
think
that
would
be
good
and
even
if
we
don't
have
a
formal
definition
of
a
llamo
format,
for
example,
I
think
we
can
do
a
lot
by
by
example
and
restricting
things
even
if
a
formal
specification
does
not
exist.
I
think
we
can
please
make
an
attempt
to
define
it
in
the
document,
and
I
think
you
should
pursue
that.
J
J
Previous
times,
we've
talked
about
the
whole
algorithm
that
we
use,
etc,
etc.
So
I
don't
want
to
go
into
any
of
that
right
now.
I
want
to
talk
a
bit
about
the
goals
that
we
have
at
this
document,
and
the
process
and
I
have
a
question
for
the
working
group
there
or
the
future
working
group
signed
also
actually
so.
J
First
of
all,
the
title
might
be
a
bit
misleading
because
it
says
three
validation,
but
it
doesn't
try
to
define
how
this
should
be
done.
It's
not
the
best
current
practices
document,
it's
not
a
standard
document.
It
is
actually
an
informational
document
and
explained
how
our
specific
implementing
implementation
works,
and,
even
though
this
title
might
be
a
bit
misleading
or
well,
the
title
of
the
document
ism
is
leaving,
but
the
short
name
of
the
file
we've
always
been
open
about
this,
I
believe-
and
so
why
would
we
go
to
the
working
group
with
this
work?
J
Well,
we
found
it
actually
really
valuable,
because
we
want
something
we
want
to
provide
transparency
to
the
users
of
our
software.
This
is
how
it
works,
and
we
want
to
get
a
review
by
others
that
this
is
indeed
okay.
So
we
got
this
review
and
I'd
like
to
thank
the
working
group
for
that,
especially
also
rob
austin
who's
been
doing,
implementing
some
of
the
same
ideas
that
we
had
and
also
steve
can't
who's
provided.
A
long
list
of
comments
actually
so
what's
important
to
note,
though,
is
that
the
document
describes
what
the
software
does.
J
So
there
may
be
discussion
about
how
it
could
work
differently,
but
the
section
that
describes
of
the
software
does
is
not
changed
as
a
result.
What
we've
done
in
this
latest
version
and
I,
submitted
two
weeks
ago,
I
think,
is
that
we
have
included
comments
in
the
document
where
there
is,
you
know,
possible,
other
concerns
of
other
things
you
could
be
doing.
We
try
to
include
that
again
to
provide
transparency,
but
we
didn't
change
the
text
because
our
implementation
is
actually
doing
what
it
does
so.
J
Well,
that's
one
thing
to
frame
where
this
document
is
next
slide,
please,
so
a
problem
that
I
want
to
discuss
with
you
is
essentially
this.
This
is
a
moving
goal
or
target
I
mean
this
document
describes
what
the
software
does
right
now
we
intend
to
make
changes
in
the
future.
Small
changes
may
be
big
changes,
and
you
know
that
goal
will
move
so
next
slide.
Please.
J
How
do
we
deal
with
that
going
through
the
working
groups
is,
can
be
a
bit
of
a
heavy
process,
but
again
we
really
like
the
transparency
and
the
review.
So
that's
why
we're
doing
it
so,
after
considering
many
options,
what
we
would
propose
is
that
we
actually
build
for
last
call
on
the
current
document
pretty
soon.
This
can
also
be
in
the
inside
odds.
J
If
people
feel
that
their
concerns
are
not
properly
represented
in
the
document,
then
we
can
of
course
revisit
that,
but
in
the
sense
that
it
describes
how
the
software
does
and
that
won't
change
in
the
next,
let's
say
six
months,
I
believe
it
can
go
final
there
for
future
updates
if
they're
minor.
What
we
could
do
is
just
including,
with
our
release
of
the
software.
J
We
are
providing
transparency,
but
it's
you
just
have
to
believe
us
on
the
word
when
you
read
this
document,
so
it's
less
ideal
in
a
way.
So
I
was
just
wondering
where
people
in
this
working
group
stand
and
equal
insider
ops
will
be
standing
on
this.
Do
you
have
preferences
ideas
about
this?
I?
Would
love
to
hear
and
that's
it
questions
comments.
J
M
Video
photos,
telecom
I
think
it
works
at
some
point
in
time.
I
would
guess
that
you
will
rather
switch
to
your
users
forum
for
the
for
asking
for
feedback,
but,
as
we
start
up
side
or
ops
and
the
user
base
may
not
have
that
much
expertise
in
looking
at
all
the
critical
places.
I
think
kind
of
reviewing
here
or
insider
ops
should
be
fine
and
not
not.
Every
revision
actually
has
to
go
to
our
FC.
H
H
J
J
Regarding
wiki's
or
user
forum,
the
point
is:
this
describes
just
the
validation
process
right
it
doesn't
describe
everything
of
the
software.
It's
very
specific
on
that
and
judging
whether
that
is
a
correct
way
to
do.
Things
requires
very
good
knowledge
of
how
dr
BR
works.
So
in
that
sense,
I'm
not
sure
that
the
user
forum
would
work
I'm,
not
sure
how
to
wikis
work
in
the
ITF,
but
because
it
describes
what
we
actually
do.
J
We
need
to
have
the
other
token
on
it,
because
you
know
you
cannot
just
change
it
and
then
our
software
does
something
that's
different.
Suddenly,
that's
not
how
it
works
right,
so
I
would
prefer
to
keep
control
of
the
document,
but
have
some
form
of
processing
and
another
suggestion
earlier
was
that
maybe
we
accept
that
it
never
gets
to
RFC,
but
we
just
have
a
document
that
gets
updated.
You
spin
up
a
new
version
and
you
says:
well
it's
a
living
document.
That
would
also
work
for
me
if
that
works
for
the
working
group.
J
But
ok,
maybe
you
should
wrap
up
because
I
don't
think
we
get
all
those
things
answered
right
here,
but
I
wanted
to
make
the
question
really
explicit
for
you
guys.
So
what
do
you
think?
Should
we
just
addresses
inside
off
Stan
and
ask
how
to
proceed?
Should
we
go
for
law
school
on
this
one?
So
we
have
a
baseline
and
then
continuing
with
future
work.
That
would
kind
of
have
my
preference
just
have
something
wrapped
up.
F
Surely
a
glee
I
think
those
are
open
questions.
There
are
certainly
things
that
we
could
ask
the
mailing
list.
You
probably
want
to
do
it
when
it's
slightly
more
populated,
because
it
will
be
a
bit
of
an
echo
chamber
at
the
moment,
but
I
think
it's
perfectly
legitimate,
given
that
expired,
RFC's,
number
or
RFC's
expired
drafts
never
really
disappear
at
this
point
that
a.
F
F
Well
so
I
think
that's
a
question
that
we
can
ask
at
that
time
right,
because
one
of
the
problems
with
asking
for
consensus
is
the
rest
of
the
community
at
that
time,
as
opposed
to
say
now
is
inclined
to
make
changes,
and
you
aren't
because
it's
you
know
your
thing,
then
then
that's
not
really
a
consensus
process,
but
again
that's
a
bridge.
We
could
cross
at
some
future
time
without
having
to
solve
it.
Today.
J
Sure,
but
let
me
just
allow
me
two
new
ones,
that
a
bit,
because
I
feel
that
if
people
see
blocking
issues
with
our
implementation,
I
really
would
like
them
to
speak
up
and
I
wouldn't
want
to
call
this
final
and
I
would
want
to
change
the
song.
If
there's
difference
in
opinion
of
you
could
go
left
or
right,
but
there's
no
not
really
clear
what
is
the
best
way
then
I
want
to
go
with
what
we
do.
Yeah.
I
I
It
can
receive
be
to
be
checked,
traffic
and
print
it
out
in
the
kind
of
Wireshark
form.
We
don't
print
out
every
little
thing
like
MP,
NRI
or
something
like
this,
but
we
focus
mainly
on
the
BGP
sec
path.
Attribute
it
as
I
said
very
easy
to
configure,
has
configuration.
Script
goes
your
command
line,
you
can
pipe
the
pipe
in
traffic,
etc.
If
you're
more
than
that,
you
can
grab
me
after
that,
and
then
I
control
your.
I
We
can
talk
a
little
bit
about
that
and
it
also
can
test
just
crypto
modules
for
bgp
zach
parsing.
So
what
that
means
is
in
the
quagga
RX
implementation.
We
extract
with
our
crypto
apart,
so
quagga.
Basically,
just
started
as
a
policy
processing
and
the
beach
exact
path,
processing
to
the
extent
it
needs
to
basically
mix
index,
check
and
so
forth,
but
then
we
just
hand
over
the
whole
BJP's
egg
path
attribute
into
a
crypto
module.
I
What,
then,
can
be
changed
easily
with
plugins
and
something
like
that,
so
this
tool
can
basically
just
make
these
calls
and
doesn't
have
to
talk
bgp
as
well.
What
is
very
good
for
if
you
want
to
make
speed
tests
or
performance
improvements
next
slide,
so
what
I
want
to
show
today
is
just
a
very
simple
topology
from
a
s-10
to
as50.
I
We
have
traffic
generated
by
akka
wakka
SRX,
these
three
guesses.
On
the
left
side,
it
goes
into
a
bird
to
another
Bertram,
the
quagga,
a
text,
another
kaka
SRX.
We
have
one
row
in
the
system
that
allows
s10
to
produce
at
to
announce
these
three
prefixes.
Then
we
have
a
is
100
PSP,
gp's,
a
guy
or
bad
guy,
wants
to
hijack
the
traffic
next
slide.
So
if
you
have
it
on
your
computer,
it's
sometimes
a
little
bit
difficult
to
know.
Follow
everything
I
would
recommend
to
stay
on
slide.
I
4,
so
that
you
know
what
what's
going
on.
So
what
do
you
see
on
the
very
top
is
basically
all
the
windows
of
the
of
the
a
s
instances
you
have
10,
20
30,
know
10,
20,
40
and
50,
then
on
the
upper
right.
We
also
have
like
a
our
peak
I
cash
test.
Harness
kind
of
thing
maybe
can
inject
Ross
with
rpki
protocol.
We
do
not
make
any
validation
of
something
it's
just
a
very
simple
whitelist
generator
that
feeds
into
the
quagga
s4x.
Then,
underneath
there
you
see
the
h100,
that's
the
bgp
sekai.
I
I
So
I
start
everything
up
and
you
see
on
a
is
30.
That's
a
convert
implementation.
You
see
the
past
coming
as
each
three
prefix
coming
in
via
1020
they're,
validated
valid.
Then
in
as50
you
see
the
whole
path
and
everything
is
well
it
as
well
to
this
one
very
quick
to
explanation
in
progress
or
X.
We
have
you
have
the
V,
then
you
have
the
brackets
VV,
so
in
quagga,
SRX,
basically
combined
origin,
validation,
wispy
to
protect
pass
validation,
and
you
can
turn
off.
I
I
So
then
I
go
back
to
ace,
40
I!
You
see
there
ace
next
slide,
so
you
see
here
as
well.
We
have
10
20
30.
Now
we
are
in
s40.
Sorry
next
slide.
So
now
we
want
to
add
the
traffic.
If
you
look
up
there
and
das
100
slide,
so
we
start
to
be
to
be
sick.
I
0
and
V
announced
exactly
the
same
prefixes
next
slide
so
down
here
now
on
the
terminal
of
s40,
which
is
connected
to
ace
100,
you
see.
I
Basically,
it
received
the
additional
three
updates
next
slide,
so
it
makes
it
a
little
bit
bigger.
So
you
see
the
in.
If
you
know,
if
you're,
not
if
you
don't,
if
you
didn't
see
the
quagga
output
before
so
this
is
a
s
path
and
over
there's,
basically
the
previous,
the
greater
than
sign
is
basically
showing
is
selected
path.
I
You
see
that
in
all
three
instances,
stills
along
a
path
is
selected,
even
though
the
pass
validation
was
successful
because
it
was
a
s100,
they
denounced
it,
it
used
its
own
key,
it
could
be
validated,
but
the
origin
validation
complained
because
we
didn't
hit
the
raw
for
that.
So
the
whole
updated
self
is
invalid
and
our
policies
prefer
well
it
and
you
don't
select
the
next
slide.
I
I
He
announces
or
heap
repents
a
is
10
and
analysis
into
hope
to
that
now
now
to
be
successful
with
origin.
Meditation
next
slide,
so
we
stopped
everything
you
see
again
that
on
is
40
the
announced,
trout,
sorry,
strong
next
slide,
the
new
announcements
are
done
now.
What
you
see
is
basically
we
receive
next
slide.
We
receive
path,
110
listed
prefix
and
you
see
in
the
validation
now
the
original
iteration
past,
but
the
path
relation
fade.
Excellent!
I
D
P
P
P
At
the
last
meeting,
I
made
a
mistake
of
standing
up
and
saying:
how
are
we
testing
all
this
crud?
Thank
you
for
Oliver
for
giving
one
example
and
an
excellent,
delicious
one,
and
somehow
the
chairs
got
it
in
their
minds
that
we
should
talk
about
it.
So
we'll
try
to
do
so.
What
are
the
pieces
that
we've
thought
of
so
far,
and
this
is
not
an
exhaustive
list
seeing
that
ca's
interoperate,
seeing
that
caches
all
produce
the
same
result
right
would
be
nice
aside
from
issues
of
times.
P
Q
right
do
caches
fetch
from
each
other.
Can
they?
In
my
you
know,
I've
got
a
big
isp,
my
near
my
routers
walled
off
right,
I,
let
very
little
through
I
would
like
the
caches
in
that
rack
to
talk
two
caches
in
another
rack,
but
not
glow
to
the
go
to
the
global
rpki.
How
does
that
work,
especially
now
with
the
change
to
rdp?
We
understood
it
with
our
sink.
Okay.
P
The
routers
produce
consistent
results
at
all
and
do
they
produce
it
with
consistent
with
multiple
caches
and
do
routers
actually
do
their
job
clicky
wiki.
Thank
you.
So,
let's
talk
about
certificate
authority
testing
do
the
actual
cas
and
I'm
not
sure
this
list
is
exhausted.
Oh
no,
AP
nick
has
a
separate,
CA,
I,
think
I'm
not
etc.
Do
those
cas
interoperate
and,
for
example,
right
now
put
please.
We
have
an
example
where
ripe
has
a
child
and
that
child
has
a
child.
P
So
that's
right,
interacting
with
dragging
labs,
interacting
with
dragon
webs
vertically,
as
in
the
right
hand
side
there.
But
what
happens
when
you've
got
somebody
big,
like
AT&T,
who
has
resources
from
right
and
for
Marin
and
other
are
I
hours,
of
course,
and
may
have
also
RFC
1918
resources
that
they
want
to
validate
in
tournament?
P
P
P
J
So
so,
when
Rennie
mentions
validators
caches,
feeding
off
caches,
I
thought.
You
know
this
might
be
an
interesting
topic
for
for
psy
ops.
Actually,
now
all
the
implementations,
with
none
of
the
implications
to
do
this
right
now,
but
they
they
fetch
data,
they
do
validation
and
then,
as
far
that
speaks
with
Reuters
or
get
spoken
to
by
Naruto's
be.
But
you
could
also
check
that
out.
You
could
spare
these
functions
out
and
something
that
is
just
concerned
with
fetching
that
may
live
in
some
part
of
your
network.
J
You
can
have
a
validator
that,
maybe
in
another
part
of
your
network,
where
it's
more
secure
that
can
just
get
that
data
you
may
want
to
use
to
for
redundancy
and
then
that
data,
the
validated
data
itself
may
go
to
caches
that
are
closer
to
your
Reuters,
whose
only
function
there
is
to
just
provide
that
to
Reuters.
So
you
isolate
these
functions
for
redundancy,
scalability
and
security.
Iceboxx
I,
don't
know
if
this
is
really
worthwhile,
but
I
think
it's
definitely
one
of
the
things
that
are
worth
considering
and
inside
of.
P
My
personal
opinion
worth
everything
you
pay
for
it
is.
The
first
is
actually
useful
in
large
ISPs
who
should
not
put
you
know,
should
have
a
couple
externally
facing
fetchers
separating
the
second
and
the
third
bothers
me,
because
I
don't
outsource
security
right
I
want
that
validation
right
near
my
router,
because
the
rpki
router
protocol
strips
all
the
crypto,
the
router
is
betting,
its
lunch
on
the
validator.
So
but
that's
just
a
personal
opinion
and
I
imagine
folk
could
have
scenarios
in
which
they
would
be
more
comfortable,
breaking
all
three
pieces
out.
P
P
We
want
to
measure
the
semantics
I'm,
not
so
much
interested
in
speed.
I
think
we
want
continual
regression.
Testing
right.
All
of
us
were
of
any
scale,
have
labs
with
stacks
of
routers
that
we're
constantly
beating
to
death
to
see
that
last
move
tears
bugs
are
still
there
and
but
they
haven't
improved
next
please.
P
So
this
is
a
fantasy
of
mine,
I
had
back
in
2013,
and
it's
it's
stolen
from
some
I
was
born
a
compiler
writer,
and
this
is
kind
of
model
of
a
harness
from
the
70s
from
the
70s
from
compiler
validation
tools.
Where
you
have
the
device
under
test,
you
have
stuff
driving
it,
you
have
stuff
receiving
from
it.
P
H
P
M
I
think
that
question
may
pour
it
into
the
area
of
oil.
Okay.
How
is
how
is
a
resource
owner
actually
monitoring
what
is
happening
in
the
rpki
about
his
resource?
It's
supposed
to
be
represented
somehow
and
well.
Okay,
that
representation
will
have
some
consequences
in
the
evaluation
and
I
guess
that
point
of
view
is
kind
of
not
yet
covered
by
cider
and
future.
All
ok,
the
discussion
so
far,
and
your
and
your
and
your
testing
scenarios
as
well
so.
P
P
I
Convo
budget
pneus.
Regarding
your
question
of
testing
routers
with
the
applica
I
to
router
protocol,
we
developed
many
many
years
ago,
maybe
five
years
ago,
so,
four
years
ago,
a
tool
called
bright
which
allows
you
to
connect
its
brightness
right
of
NT.
Do
that
mr.
cough
and
it
allows
you
to
connect
your
outer
against
a
test
system,
and
then
we
sent
you
brrp
ki
protocol
some
ross.
We
sent
you
some
traffic
and
we
see
what
you
sent
back
and
then
we
give
you
a
little
report.
If
what
you
sent
back
was
what
we
expected.
I
I
Then
we
sent
you
the
so
normally
you
select
the
shorter
path
and
then
we
send
you
raw
for
the
for
the
longer
one,
and
then
we
see,
if
how
do
you
deal
with
this
now,
there's
a
row
of
having
to
you,
switch
over
to
the
shorter
path,
etc,
etc,
and
that
tool
can
be
extended.
There's
like
a
complete
scripting
language
or
something
like
that
so
source,
while
looking
into
and.
Q
I
That
we
presented
it,
but
at
this
time
nobody
really
thought
about
our
peak
I
and
it
was
a
little
bit
before
our
time
so
but
I
think
right
now
that
that's
a
good
tool.
What
one
can
go
back
and
say:
okay,
is
there
more
what
we
need,
maybe
more
tests,
because
we
only
have
a
very
short
or
very
small
amount
of
tests
in
there,
but.
J
It's
not
something
that
we
normally
do,
but
what
we
would
quite
happily
do
is
act
as
the
opt-in
CA
and
have
our
validates
around
there
and
look
into
any
issues
that
might
be
revealed
that
I
see
very
big
value
in
for
us
also.
You
know
when
we
do
future
releases
of
the
relying
party
software.
I
see
this
is
a
very
good
thing
to
have
you
know:
does
it
work
as
respect
as
expected?
Of
course
we
do
our
own
testing
about
having
something
extra.
It's
quite
useful.
P
R
R
P
Q
Karla
martinez
latnok,
we
definitely
see
the
value
of
this,
but
I
share
the
same
concern,
esteem
and
I.
Don't
know
how
much
time
my
time
we,
my
team,
will
have
to
put
into
such
a
project,
however,
and
I
think
we
should
keep
actually
working
on
this
and
perhaps
come
up
with
a
list
of
more
detail
activities.
So
we
can
actually
make
a
decision
on
that.
I
think.
Q
J
Yeah
again,
to
repeat
the
only
thing
that
I
can
commit
to
now
is
to
continue
what
we're
doing
already,
where
we
test
our
operation
as
a
CA,
and
we
can
redo
that
work
to
other
see
Chelsea
age
and
and
that
we
can
help
test
or
validated
in
a
framework,
but
I
cannot
commit
the
setting
up
a
a
full
infrastructure
for
doing
this.
Miss
testing
at
this
time,
if
that
makes
sense,
mother
would
very
happy
happily
work
with
X
will
do.
Could.
P
You
back
step
to
the
bed
bed
bed,
bed,
bed
yep
can
right
and
Aaron
and
lack
Nick,
who
I
think
are
all
three
here.
Probably
ap
nick
is
here
too
I.
Think
yeah,
then
AfriNIC
here,
hey
Daniel,
could
you
you
have
to
all
of
you
have
I
believe
test
instances
am
I
correct
in
that
test
in
CA
instances.
So
can
we
as
a
group,
commit
to
building
a
complex
mess
of
CA
infrastructure
that
stays
and
Rob
and
I
are
I'm,
Jay,
etc,
etc?
P
M
Okay,
a
hoodie,
oh
again,
yes,
I
was
stepping
up
exactly
for
the
question
for
clarification,
whether
your
test
plan
was
for
test
environments
or
for
the
actual
production
thing,
and
at
least
at
least
for
getting
started
in
the
early
years.
I
think
that
the
test
instances
should
be
used,
and,
yes,
the
commitment
safe
from
ripe
ncc
to
have
the
test
instance,
I
think,
is
unwavering.
C
P
P
M
P
J
P
J
And
one
of
the
things
there
is
that
I
mean
it
uses
the
same
mechanisms
as
our
normal
environment
in
that
have
to
be
a
ripened
to
see
member
to
use
it,
etc.
So
I
think
we
need
to
talk
offline
about
how
we
can
what
we
can
do
here
if
you're,
not
a
member
etc.
So
I,
I
would
suggest
we
talk
later,
but
we
do
have
a
test
environment
and
I
I
see
value
in
using
that
and
figuring
out.
If
there's
anything
in
the
in
the
provisioning
protocol
that
that
is
broken.
Of
course,.
N
N
S
Tied
you
from
Japanese,
we
have
three
types
of
tests
bit,
and
one
is
public,
so
we
mean
zip
in
Japanese.
We
have
monitoring
system
for
the
validation
for
all
objects
published
by
Joe
Panik
system.
But
if
you
have
such
test
environment
for
all
object
issued
by
our
hearts
or
subordinate
FCA
under
RL
is
good
to
see.
The
I
would
say
that
the
number
of
validated
roles
in
the
world
I
think.