reworked negotiation and added renegotiation requires tear-down

2024-01-10 19:43:10 -08:00 · 2024-01-10 19:43:10 -08:00 · f60f7a55ed
commit f60f7a55ed
parent f812c253dc
1 changed files with 31 additions and 59 deletions
--- a/draft-ietf-sidrops-8210bis.xml
+++ b/draft-ietf-sidrops-8210bis.xml
@ -1188,74 +1188,37 @@
        and the session is considered open.
      </t>
      <t>
-        If a cache which supports version N receives a query with
-        Protocol Version Q &lt; N, and the cache does not support
+        If a cache which supports version C receives a query with
+        Protocol Version Q &lt; C, and the cache does not support
        versions &lt;= Q, the cache MUST send an Error Report (<xref
-        target="error"/>) with Protocol Version N and Error Code 4
-        ("Unsupported Protocol Version") and disconnect the transport
-        session.
+        target="error"/>) with Protocol Version C and Error Code 4
+        ("Unsupported Protocol Version") and disconnect the transport,
+        as negotiation is hopeless.
      </t>
      <t>
-        If a cache which supports version N receives a query with
-        Protocol Version Q &lt; N, the cache MUST downgrade to protocol
-        version Q, <xref target="RFC6810"/> or <xref target="RFC8210"/>,
-        and respond with a Cache Response (<xref
-        target="cacheresponse"/>) of that Protocol Version and the
-        session is considered open.
+        If a cache which supports version C receives a query with
+        Protocol Version Q &lt; C, and the ache can support version Q,
+        the cache MUST downgrade to protocol version Q, <xref
+        target="RFC6810"/> or <xref target="RFC8210"/>, and respond with
+        a Cache Response (<xref target="cacheresponse"/>) of that
+        Protocol Version, Q, and the RPKI-Rtr session is considered
+        open.
      </t>
      <t>
-        If the router query has version Q > N, the cache MUST send an
-        Error Report (<xref target="error"/>) with Protocol Version
-        N and Error Code 4 ("Unsupported Protocol Version"), and the
-        router SHOULD send another query with a Protocol Version Q of
-        the version N in the Error Report, unless it has already
-        failed at that version.  This MAY repeat with the router
-        attempting to negotiate lower and lower versions until they
-        agree.
+        If the the cache which supports C as its highest verion receives
+        a query of version Q &gt; C, the cache MUST send an Error Report
+        with Protocol Version C and Error Code 4.  The router SHOULD
+        send another query with a Protocol Version Q with Q == the
+        version C in the Error Report; unless it has already failed at
+        that version, which indicates a fatal error in programming of
+        the cache which SHOULD result in transport termination.
      </t>
      <t>
        If the router requests Q == 0 and it still fails with the cache
-        sending an Error Report (<xref target="error"/>) with Error Code
-        4 ("Unsupported Protocol Version"), then the router MUST abort
-        the transport connection.
+        responding with an Error Report with Error Code 4, then the
+        router MUST abort the transport connection, as negotiation is
+        hopeless.
      </t>
-<!--
-      <t>
-        A router MUST start each transport connection by issuing either a
-        Reset Query or a Serial Query.  This query MUST tell the cache
-        the highest version of this protocol the router implements.
-      </t>
-      <t>
-        If a cache which supports version N receives a Reset Query with
-        Version Q &lt; N, the cache MUST downgrade to protocol version Q
-        <xref target="RFC6810"/> or <xref target="RFC8210"/>.  If the
-        router's Reset Request was Q &gt; N, the cache MUST send a
-        version 2 Error Report PDU with Error Code 4 ("Unsupported
-        Protocol Version"), and the router MUST send another Reset Query
-        with a lower Version Q.  This MAY repeat.  If the router
-        requests Q == 0 and it still fails, then the router MUST abort
-        the session, sending a version 2 Error Report PDU with Error
-        Code 4 ("Unsupported Protocol Version").
-      </t>
-      <t>
-        If a router which supports version N sends a query to a cache
-        which only supports version C &lt; N, one of two things will
-        happen:
-        <list style="numbers">
-          <t>
-            The cache may terminate the connection, perhaps with a
-            version 2 Error Report PDU with Error Code 4 ("Unsupported
-            Protocol Version").  In this case, the router MAY retry the
-            connection using protocol version C.
-          </t>
-          <t>
-            The cache may reply with a version C response.  In this
-            case, the router MUST either downgrade to version C or
-            terminate the connection.
-          </t>
-        </list>
-      </t>
-->      
      <t>
        In any of the downgraded combinations above, the new features of
        the higher version will not be available, and all PDUs MUST have
@ -1295,6 +1258,15 @@
        discussion of the interaction between Protocol Version and
        Session ID.
      </t>
+      <t>
+	The configured transport security, the negotiated RPKI-Rtr
+	version, etc. may not be changed once a session has been
+	established.  If one side or the other wishes to try a different
+	transport, protocol version, etc. they MUST terminate the
+	transport and restart the entire transport and version
+	negotiation process, <xref target="Transport"/> and <xref
+	target="version"/>.
+      </t>
      <t>
        If either party receives a PDU for a different Protocol
        Version once the above negotiation completes, that party MUST