Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds

Job Snijders <job@fastly.com> Tue, 02 February 2021 18:55 UTC

Return-Path: <job@fastly.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34FAB3A104E for <opsawg@ietfa.amsl.com>; Tue, 2 Feb 2021 10:55:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XZGT9wNiE2D3 for <opsawg@ietfa.amsl.com>; Tue, 2 Feb 2021 10:55:35 -0800 (PST)
Received: from mail-wr1-x442.google.com (mail-wr1-x442.google.com [IPv6:2a00:1450:4864:20::442]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE2313A104D for <opsawg@ietf.org>; Tue, 2 Feb 2021 10:55:34 -0800 (PST)
Received: by mail-wr1-x442.google.com with SMTP id g10so21616905wrx.1 for <opsawg@ietf.org>; Tue, 02 Feb 2021 10:55:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; h=date:from:to:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=2PtMm10wqM9LUivFGfjzJyku8Uuzcpw7/b9EhCsQgAY=; b=wagrhB9k+AowUf926NWR+A3Q4OfTXCkDGyXdZxkEGNM07QEBSrJgIkhRnihcg0kwYI EJ0Mpp5/BsJNNwz6VOBhQY8l67EGdwkhgWWRsdC5aW3bStRGY+XzJHC9/ULhsxyFHomQ OEHALVArGdC2iC/xLQYZrMeAr9TUEswFYFrIU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=2PtMm10wqM9LUivFGfjzJyku8Uuzcpw7/b9EhCsQgAY=; b=iwOkr450uqTGyoqgJPDx7GGneAh7+rRhZNu6D6A0HhoXVv+JZJZv24Uf9y6eizf2XW 0cC5joEj9i4XndQlx3I9PewJU7AgsPlCEKYEvblDWrg5ikfRdc656ethWJp9OR9FYrmE 2Gk1M8ac2vSbENFaIf7rxCopkqQGbkWNiUxVP6Tw5JiWr7XySBSTZKbGdid84eEF3Jty zk347yKlHvQybdB+JGE2D81RZRhANYFReRvwtxOg98KI3nb0hcPkAgJ7eQyUHqykVuUJ dzAktjDbshYemK/mRoQUBXKbgV/VnUyOufUnjlzeVeF3R4Zu5y8aaya7uBXk7NO5LDJf revw==
X-Gm-Message-State: AOAM532OGB2vWw6h/sJKcpTUZMhfCy9B1g+jRcaL/PTbEy9sA9j4GI9P 7RtTtiGj9bKU9Zl3cSR1lNbFAL1wKMXqPzhozZFB3fdJ55BbGiamn2Sz3hEm3pk2TYPAt47dCOH Yh86Kd7SO2vQdekxFGhDvQRwDloelugWwPR4q5DCDaY8Pg/I37VpUwZte
X-Google-Smtp-Source: ABdhPJwRWUHvqAwUCWH+XT2PlWbz+UT3SNJnzg0YN1yct/8VQRe3hCCYO+EaI0O63WDfxP02FEL1+Q==
X-Received: by 2002:adf:8b47:: with SMTP id v7mr9350271wra.133.1612292132889; Tue, 02 Feb 2021 10:55:32 -0800 (PST)
Received: from snel (mieli.sobornost.net. [45.138.228.4]) by smtp.gmail.com with ESMTPSA id b7sm36943319wrs.50.2021.02.02.10.55.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Feb 2021 10:55:32 -0800 (PST)
Date: Tue, 2 Feb 2021 19:55:30 +0100
From: Job Snijders <job@fastly.com>
To: opsawg@ietf.org
Message-ID: <YBmgIsAsyhi04MJO@snel>
References: <BN6PR11MB1667D4EB91373CCB7F7A3F5AB8A09@BN6PR11MB1667.namprd11.prod.outlook.com> <YBhTmPpaH7d/w9L+@snel> <m2zh0mba1e.wl-randy@psg.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <m2zh0mba1e.wl-randy@psg.com>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/xPe0IIFJ56cLrNLLnY6GjG89c70>
Subject: Re: [OPSAWG] WG LC: draft-ietf-opsawg-finding-geofeeds
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Feb 2021 18:55:37 -0000

Hi Randy,

On Tue, Feb 02, 2021 at 10:26:53AM -0800, Randy Bush wrote:
> folk trying to verify this are whining about some missing code

I'm not entirely sure what 'missing code' you are referring to. On
Debian Bullseye the required software can be installed using:

    $ sudo apt install openssl rpki-client

Pre-build binary packages exist for redhat, fedora, centos, gentoo,
freebsd, and ubuntu. See https://www.rpki-client.org/ +
https://www.openssl.org/ for portable source code.

The default installation of OpenBSD already contains all required tools
to perform the verification steps I described in my previous message.

The signature was produced through proprietary means, but for the
purpose of validating the signature & interopability testing that
shouldn't matter...  right?

Kind regards,

Job