further clarification of Session ID
parent
175b66f818
commit
3fd0154d5a
1 changed files with 36 additions and 29 deletions
|
|
@ -8,7 +8,7 @@
|
||||||
<?rfc compact="yes"?>
|
<?rfc compact="yes"?>
|
||||||
<?rfc subcompact="no"?>
|
<?rfc subcompact="no"?>
|
||||||
|
|
||||||
<rfc category="std" docName="draft-ietf-sidrops-8210bis-173"
|
<rfc category="std" docName="draft-ietf-sidrops-8210bis-17"
|
||||||
submissionType="IETF" ipr="trust200902" version="2" consensus="yes">
|
submissionType="IETF" ipr="trust200902" version="2" consensus="yes">
|
||||||
|
|
||||||
<front>
|
<front>
|
||||||
|
|
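Review bot: The docName correction from "draft-ietf-sidrops-8210bis-173" to "draft-ietf-sidrops-8210bis-17" is unrelated to the commit subject, which mentions only Session ID. Name the fix in the commit message or land it as its own commit, so the draft's revision history stays easy to follow.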
@ -46,9 +46,9 @@
|
||||||
In order to validate the origin Autonomous Systems (ASes) and
|
In order to validate the origin Autonomous Systems (ASes) and
|
||||||
Autonomous System relationships behind BGP announcements,
|
Autonomous System relationships behind BGP announcements,
|
||||||
routers need a simple but reliable mechanism to receive Resource
|
routers need a simple but reliable mechanism to receive Resource
|
||||||
Public Key Infrastructure (RFC6480) prefix origin data and
|
Public Key Infrastructure (RFC6480) prefix origin data, Router
|
||||||
Router Keys from a trusted cache. This document describes a
|
Keys, and ASPA data from a trusted cache. This document
|
||||||
protocol to deliver them.
|
describes a protocol to deliver them.
|
||||||
</t>
|
</t>
|
||||||
<t>
|
<t>
|
||||||
This document describes version 2 of the RPKI-Router protocol.
|
This document describes version 2 of the RPKI-Router protocol.
|
||||||
|
|
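Review bot: "ASPA" enters the abstract unexpanded in the new line "Keys, and ASPA data from a trusted cache." An abstract has to stand alone and cannot rely on a definition later in the document, so spell it out on first use, for example "Autonomous System Provider Authorization (ASPA) data".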
@ -68,10 +68,11 @@
|
||||||
(ASes) and AS paths of BGP announcements, routers need a simple
|
(ASes) and AS paths of BGP announcements, routers need a simple
|
||||||
but reliable mechanism to receive cryptographically validated
|
but reliable mechanism to receive cryptographically validated
|
||||||
Resource Public Key Infrastructure (RPKI) <xref
|
Resource Public Key Infrastructure (RPKI) <xref
|
||||||
target="RFC6480"/> prefix origin data and Router Keys from a
|
target="RFC6480"/> prefix origin data, Router Keys, and ASPA
|
||||||
trusted cache. This document describes a protocol to deliver
|
data from a trusted cache. This document describes a protocol
|
||||||
them. The design is intentionally constrained to be usable on
|
to deliver them. The design is intentionally constrained to be
|
||||||
much of the current generation of ISP router platforms.
|
usable on much of the current generation of ISP router
|
||||||
|
platforms.
|
||||||
</t>
|
</t>
|
||||||
|
|
||||||
<t>
|
<t>
|
||||||
|
|
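Review bot: In the changed Introduction sentence only RPKI carries a citation (xref target="RFC6480"); the newly added "ASPA data" has neither an expansion nor a reference in these lines. Expand the abbreviation at this first use in the body and add an xref to the ASPA specification the document relies on, so a reader can tell which data type the cache is delivering.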
@ -193,12 +194,15 @@
|
||||||
cache server.
|
cache server.
|
||||||
</t>
|
</t>
|
||||||
<t hangText="Session ID:">
|
<t hangText="Session ID:">
|
||||||
When a cache server is started, it generates a Session ID
|
When a cache server starts a new Sequence Number space,
|
||||||
to uniquely identify the instance of the cache and
|
(which might be caused by, for example, restart with loss of
|
||||||
to bind it to the sequence of Serial Numbers that cache
|
data) it generates a new Session ID to uniquely identify the
|
||||||
instance will generate. This allows the router to restart a
|
instance of the cache and to bind it to the sequence of
|
||||||
session knowing that the Serial Number it is using is
|
Serial Numbers that the cache instance generates. This
|
||||||
commensurate with that of the cache.
|
allows a router to resume a session after a transport
|
||||||
|
connection failure without invalidating the router's data
|
||||||
|
store; as it is assured that the Serial Numbers it uses are
|
||||||
|
commensurate with those of the cache.
|
||||||
</t>
|
</t>
|
||||||
<t hangText="Payload PDU:">
|
<t hangText="Payload PDU:">
|
||||||
A payload PDU is a protocol message which contains data for
|
A payload PDU is a protocol message which contains data for
|
||||||
|
|
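Review bot: The first added line says "Sequence Number space" while the same definition, three lines later, speaks of "the sequence of Serial Numbers"; use "Serial Number space" so the glossary does not suggest a second counter. Two punctuation points in the new text: drop the comma before the parenthetical "(which might be caused by, ...)" and place a comma after its closing parenthesis, and replace the semicolon in "data store; as it is assured" with a comma.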
@ -353,20 +357,20 @@
|
||||||
update from a parent cache or the Global RPKI.
|
update from a parent cache or the Global RPKI.
|
||||||
</t>
|
</t>
|
||||||
<t hangText="Session ID:">
|
<t hangText="Session ID:">
|
||||||
A 16-bit unsigned integer.
|
A 16-bit unsigned integer. When a cache server is
|
||||||
When a cache server is started, it generates a Session
|
[re]started (i.e. its data are not a continuation of the
|
||||||
ID to identify the instance of the cache and to bind it
|
previous data) it generates a new Session ID to identify
|
||||||
to the sequence of Serial Numbers that cache instance
|
the instance of the cache and to bind it to the sequence
|
||||||
will generate. This allows the router to restart a
|
of Serial Numbers that cache instance will generate. This
|
||||||
failed session knowing that the Serial Number it is
|
allows the router to restart a failed session knowing that
|
||||||
using is commensurate with that of the cache. If, at
|
the Serial Number it is using is commensurate with that of
|
||||||
any time after the protocol version has been negotiated
|
the cache. If, at any time after the protocol version has
|
||||||
(<xref target="version"/>), either the router or the
|
been negotiated (<xref target="version"/>), either the
|
||||||
cache finds that the value of the Session ID is not the
|
router or the cache finds that the value of the Session ID
|
||||||
same as the other's, the party which detects the mismatch
|
is not the same as the other's, the party which detects
|
||||||
MUST immediately terminate the session with an Error
|
the mismatch MUST immediately terminate the session with
|
||||||
Report PDU with code 0 ("Corrupt Data"),
|
an Error Report PDU with code 0 ("Corrupt Data"), and the
|
||||||
and the router MUST flush all data learned from that cache.
|
router MUST flush all data learned from that cache.
|
||||||
</t>
|
</t>
|
||||||
<t>
|
<t>
|
||||||
Note that sessions are specific to a particular protocol
|
Note that sessions are specific to a particular protocol
|
||||||
|
|
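Review bot: The "i.e." in "[re]started (i.e. its data are not a continuation of the previous data)" equates every restart with a break in the data, whereas the glossary entry changed in this same commit ties a new Session ID to starting a new number space and gives restart with loss of data only as an example. Because the last lines of this hunk require the router to flush all data learned from the cache on a Session ID mismatch, the two definitions need one unambiguous trigger. Reuse the glossary wording here, and align "restart a failed session" with the glossary's "resume a session after a transport connection failure".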
@ -425,7 +429,9 @@
|
||||||
A 32-bit unsigned integer which has as its value the count
|
A 32-bit unsigned integer which has as its value the count
|
||||||
of the octets in the entire PDU, including the 8 octets of
|
of the octets in the entire PDU, including the 8 octets of
|
||||||
header which includes the length field. This length MUST
|
header which includes the length field. This length MUST
|
||||||
NOT exceed 65,535 octets.
|
NOT exceed 65,535 octets. Note that BGP speakers already
|
||||||
|
need the capability to handle messages of this size, see
|
||||||
|
<xref target="RFC8654"/>.
|
||||||
</t>
|
</t>
|
||||||
<t hangText="Flags:">
|
<t hangText="Flags:">
|
||||||
An 8-bit binary field, with the lowest-order bit being 1
|
An 8-bit binary field, with the lowest-order bit being 1
|
||||||
|
|
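Review bot: "already need the capability" in the added note reads as a requirement on every BGP speaker, but RFC 8654 defines extended message support as a capability negotiated between peers, so a given router may not implement it. Suggest wording such as "BGP speakers that support Extended Messages (RFC8654) already handle messages of this size", and break the comma splice before "see" into its own sentence or a parenthetical.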
@ -2076,6 +2082,7 @@ Cache Router
|
||||||
<?rfc include="reference.RFC.5781.xml"?>
|
<?rfc include="reference.RFC.5781.xml"?>
|
||||||
<?rfc include="reference.RFC.6480.xml"?>
|
<?rfc include="reference.RFC.6480.xml"?>
|
||||||
<?rfc include="reference.RFC.6481.xml"?>
|
<?rfc include="reference.RFC.6481.xml"?>
|
||||||
|
<?rfc include="reference.RFC.8654.xml"?>
|
||||||
<?rfc include="reference.RFC.9293.xml"?>
|
<?rfc include="reference.RFC.9293.xml"?>
|
||||||
</references>
|
</references>
|
||||||
|
|
||||||
|
|
|
||||||
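Review bot: The new include for reference.RFC.8654.xml lands in a references block whose title is outside the visible context. The only citation of RFC8654 visible in this commit is the explanatory "Note that" sentence on the Length field, which places no requirement on implementers, so confirm that this is the informative list rather than the normative one.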