-01 with stronger reccos and seccons

2021-11-12 13:40:08 -08:00 · 2021-11-12 13:40:08 -08:00 · 3d02593371
commit 3d02593371
parent f27bab03fb
1 changed files with 26 additions and 14 deletions
--- a/draft-ymbk-sidrops-rov-no-rr.xml
+++ b/draft-ymbk-sidrops-rov-no-rr.xml
@ -80,6 +80,7 @@
    <t>
      A BGP Speaker performing RPKI-based Route Origin Validation should
      not issue Route Refresh to its neighbors when receiving new VRPs.
+      A method for avoiding doing so is described.
    </t>
    
  </abstract>
@ -122,17 +123,20 @@

   <section anchor="related" title="Related Work">

-    <t>It is assumed that the reader understands BGP, <xref
-    target="RFC4271"/> and Route Refresh <xref target="RFC7313"/>, the
-    RPKI <xref target="RFC6480"/>, Route Origin Authorizations (ROAs),
-    <xref target="RFC6482"/>, The Resource Public Key Infrastructure
-    (RPKI) to Router Protocol <xref target="I-D.ietf-sidrops-8210bis"/>,
-    RPKI-based Prefix Validation, <xref target="RFC6811"/>, and Origin
-    Validation Clarifications, <xref target="RFC8481"/>.</t>
+   <t>
+     It is assumed that the reader understands BGP, <xref
+     target="RFC4271"/> and Route Refresh <xref target="RFC7313"/>, the
+     RPKI <xref target="RFC6480"/>, Route Origin Authorizations (ROAs),
+     <xref target="RFC6482"/>, The Resource Public Key Infrastructure
+     (RPKI) to Router Protocol <xref
+     target="I-D.ietf-sidrops-8210bis"/>, RPKI-based Prefix Validation,
+     <xref target="RFC6811"/>, and Origin Validation Clarifications,
+     <xref target="RFC8481"/>.
+     </t>

-  </section>
+    </section>

-  <section anchor="ops" title="Operational Considerations">
+  <section anchor="ops" title="Operational Recommendations">

    <t>
      Routers MUST either keep the full Adj-RIB-In or implement this
@ -155,16 +159,22 @@

    <t>
      If the router has insufficient resources to support this, it
-      SHOULD not be used for Route Origin Validation.
+      MUST not be used for Route Origin Validation.
    </t>

  </section>

-<section anchor="Security" title="Security Considerations">
+  <section anchor="Security" title="Security Considerations">

    <t>
-     This document adds no additional security considerations to those
-     already described by the referenced documents.
+      This document describes a denial of service Route Origin
+      Validation may place on a BGP neighbor, and describes how it may
+      be ameliorated.
+    </t>
+    
+    <t>
+     Otherwise, this document adds no additional security considerations
+     to those already described by the referenced documents.
    </t>
    
  </section>
@ -196,6 +206,7 @@
    <?rfc include="reference.RFC.6480.xml"?>
    </references>

+<!--
  <section anchor="Acknowledgements" title="Acknowledgements">
      
    <t>
@ -203,6 +214,7 @@
    </t>
    
  </section>
+-->

 </back>