[secdir] secdir review of draft-ietf-sidr-delta-protocol-05

David Mandelberg <david@mandelberg.org> Sat, 28 January 2017 21:29 UTC

To: iesg@ietf.org, secdir@ietf.org, draft-ietf-sidr-delta-protocol.all@ietf.org
From: David Mandelberg <david@mandelberg.org>
Message-ID: <8bee5b64-8b54-99f4-3e86-f6450f664fd6@mandelberg.org>
Date: Sat, 28 Jan 2017 16:29:50 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/0k-eBFbrxE6D84dU8l2ri_8QKGY>

Hi,

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document provides a new way for RPKI Relying Parties to download
RPKI objects. As mentioned in the Security Considerations, those objects
are already cryptographically signed. The RRDP protocol provides some
additional security to the download process, with no changes to the
security properties of the RPKI objects themselves.

I think this document is Ready with nits.


3.3.2: It seems strange to me that you use MUST when talking about the
timing/performance of the repository server. Is this relevant to
security? Or is there another reason for a MUST?

3.4.2: I think "update its last processed serial number to the serial
number of this snapshot file" should say "delta file" instead.

3.4.5: I'd recommend changing "in case of network issues" to "in case of
network issues, or temporary failures of the repository server(s) or
caching infrastructure".

3.5.1.2: I think the last paragraph might make it harder for the server
to recover from a temporary overload, since it can't tell clients to
wait longer than 1 minute before re-fetching. It seems to me that
letting the clients get a few minutes out of date until the server
operator can provision more capacity is better than accidentally DoSing
the server.

3.5.4: Why is serial not an xsd:positiveInteger? Section 3.3.1 says that
serials start at 1.

-- 
David Eric Mandelberg / dseomn
http://david.mandelberg.org/
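As an added illustration of the client-side behaviour the review touches on (tracking the last processed serial across deltas, and serials being positive integers), here is a constructed RRDP-style update planner. It is example code, not the draft's text or any project's implementation; the XML element names, the namespace and the sample URIs are assumptions, and file hash verification is left out.

```python
import xml.etree.ElementTree as ET

NS = "{http://www.ripe.net/rpki/rrdp}"  # assumed RRDP namespace


def parse_serial(text):
    # Serials start at 1 (section 3.3.1), so anything below 1 is malformed,
    # matching the review's suggestion to use xsd:positiveInteger.
    s = int(text)
    if s < 1:
        raise ValueError(f"serial must be a positive integer, got {s}")
    return s


def plan_update(notification_xml, known_session, last_serial):
    """Decide how to catch up: ('noop', None), ('deltas', [(serial, uri)...])
    or ('snapshot', uri). Assumes <notification session_id serial> with one
    <snapshot uri/> child and zero or more <delta serial uri/> children."""
    root = ET.fromstring(notification_xml)
    session = root.get("session_id")
    current = parse_serial(root.get("serial"))
    if session == known_session and last_serial == current:
        return ("noop", None)
    deltas = sorted((parse_serial(d.get("serial")), d.get("uri"))
                    for d in root.iter(NS + "delta"))
    if session == known_session and last_serial < current:
        needed = [(s, u) for s, u in deltas if s > last_serial]
        # Deltas must cover every serial from last_serial+1 to current, no gaps;
        # otherwise fall back to the full snapshot.
        if [s for s, _ in needed] == list(range(last_serial + 1, current + 1)):
            return ("deltas", needed)
    return ("snapshot", root.find(NS + "snapshot").get("uri"))


def apply_deltas(state, delta_files, known_session, last_serial):
    """Apply delta files in order to state (dict uri -> object text) and
    return the new last processed serial. Hash checks are omitted here."""
    for xml_text in delta_files:
        root = ET.fromstring(xml_text)
        if root.get("session_id") != known_session:
            raise ValueError("session mismatch: client must refetch the snapshot")
        serial = parse_serial(root.get("serial"))
        if serial != last_serial + 1:
            raise ValueError(f"expected delta serial {last_serial + 1}, got {serial}")
        for el in root:
            if el.tag == NS + "publish":
                state[el.get("uri")] = (el.text or "").strip()
            elif el.tag == NS + "withdraw":
                state.pop(el.get("uri"), None)
        # After a delta is applied, the last processed serial becomes this
        # delta file's serial (the wording point raised on section 3.4.2).
        last_serial = serial
    return last_serial
```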