Re: [core] Robert Wilton's No Objection on draft-ietf-core-resource-directory-25: (with COMMENT)

"Rob Wilton (rwilton)" <rwilton@cisco.com> Thu, 13 August 2020 18:18 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Benjamin Kaduk <kaduk@mit.edu>
CC: The IESG <iesg@ietf.org>, "draft-ietf-core-resource-directory@ietf.org" <draft-ietf-core-resource-directory@ietf.org>, "jaime@iki.fi" <jaime@iki.fi>, "jaime.jimenez@ericsson.com" <jaime.jimenez@ericsson.com>, "core-chairs@ietf.org" <core-chairs@ietf.org>, "core@ietf.org" <core@ietf.org>
Date: Thu, 13 Aug 2020 18:18:42 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/ljlHlAXf-tIOTmeYkeA2aAp99m0>
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>

Ben, 

Thank you for the clarification/explanation.

Regards,
Rob


> -----Original Message-----
> From: Benjamin Kaduk <kaduk@mit.edu>
> Sent: 13 August 2020 19:13
> To: Rob Wilton (rwilton) <rwilton@cisco.com>
> Cc: The IESG <iesg@ietf.org>; draft-ietf-core-resource-directory@ietf.org;
> jaime@iki.fi; jaime.jimenez@ericsson.com; core-chairs@ietf.org;
> core@ietf.org
> Subject: Re: Robert Wilton's No Objection on draft-ietf-core-resource-directory-25: (with COMMENT)
> 
> On Thu, Aug 13, 2020 at 05:44:43AM -0700, Robert Wilton via Datatracker wrote:
> >     5.3.  Operations on the Registration Resource
> >
> >        An endpoint should not use this interface for registrations that it
> >        did not create.  This is usually enforced by security policies, which
> >        in general require equivalent credentials for creation of and
> >        operations on a registration.
> >
> > What happens if an endpoint is managing the registration and is upgraded to new
> > hardware with a different certificate?  Would the updated endpoint expect to be
> > able to update the registration?  Or would it have to wait for the existing
> > registration to timeout (which could be a long time)?
> 
> Generally the authorization information in the certificate is just stored
> in the subject (i.e., subjectAltName) of the certificate, so a new
> certificate for the same name would pass the same authorization checks
> (i.e., be "equivalent credentials").
> 
> -Ben
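
The difference between the two readings of "equivalent credentials" discussed in this thread, as an added example that is not part of the original messages or of the draft: a registration bound to the subjectAltName accepts a reissued certificate for the same name, while one pinned to the certificate fingerprint does not. The `PeerCert` and `Directory` classes, the policy names and the `node1.example` / `node2.example` names are hypothetical and constructed for illustration; certificates are modelled as already chain-validated.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class PeerCert:
    """Peer certificate after chain validation (constructed model, no X.509 parsing)."""
    der: bytes        # stands in for the certificate's DER encoding
    san: frozenset    # subjectAltName entries

    @property
    def fingerprint(self) -> str:
        return hashlib.sha256(self.der).hexdigest()

class Directory:
    """Hypothetical RD keeping, per registration, who was authorized to create it."""
    def __init__(self, policy: str):
        self.policy = policy      # "san" or "fingerprint" (assumed policy names)
        self.regs = {}

    def register(self, cert: PeerCert, name: str) -> str:
        if name not in cert.san:
            raise PermissionError("certificate does not carry the claimed name")
        loc = f"/rd/{len(self.regs) + 1}"
        self.regs[loc] = {"owner": name, "fp": cert.fingerprint}
        return loc

    def may_update(self, cert: PeerCert, loc: str) -> bool:
        reg = self.regs[loc]
        if self.policy == "san":
            return reg["owner"] in cert.san          # same name, any valid cert
        return cert.fingerprint == reg["fp"]         # exact certificate only

def outcomes(policy: str) -> dict:
    name = "DNS:node1.example"    # constructed sample name
    old = PeerCert(b"cert-issued-to-old-hardware", frozenset({name}))
    new = PeerCert(b"cert-issued-to-new-hardware", frozenset({name}))
    other = PeerCert(b"cert-of-another-device", frozenset({"DNS:node2.example"}))
    rd = Directory(policy)
    loc = rd.register(old, name)
    return {who: rd.may_update(c, loc)
            for who, c in (("old", old), ("reissued", new), ("other", other))}

if __name__ == "__main__":
    for policy in ("san", "fingerprint"):
        print(policy, outcomes(policy))
```

Under the name-based policy the old certificate also keeps passing until it expires or is revoked, so retiring the old hardware depends on certificate lifetime and revocation rather than on the directory.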