Re: [secdir] Secdir review of draft-ietf-sidr-repos-struct-07

Stephen Kent <kent@bbn.com> Thu, 19 May 2011 14:44 UTC

To: Joe Salowey <jsalowey@cisco.com>
From: Stephen Kent <kent@bbn.com>
Cc: draft-ietf-sidr-repos-struct.all@tools.ietf.org, The IESG <iesg@ietf.org>, secdir@ietf.org

Joe,

I'm not a co-author, but ...

>I have reviewed this document as part of the security directorate's
>ongoing effort to review all IETF documents being processed by the
>IESG.  These comments were written primarily for the benefit of the
>security area directors.  Document editors and WG chairs should treat
>these comments just like any other last call comments.
>
>In general the draft looks useful, but I think there are a few 
>things that need to be addressed before publication. 
>
>1.   The document asks for a registration for the extension  .roa 
>for Route Origination Authorization, but the discussion of this type 
>is absent from the rest of the document.

good point. the doc should contain a cite of the ROA format I-D.

>2.   In section 2.2 under certificates it would probably be good to 
>specify the encoding of the certificate since there are different 
>encodings in use (DER, Base64, etc.).

good point, although the same concern applies to CRLs too. DER is the 
mandated encoding for certs and CRLs when they are signed, but 
storage encodings do need to be specified.

>3.   The document is not very specific on what signed objects may 
>consist of.   The security considerations section points out that 
>the repository itself does not provide integrity protection.  The 
>security considerations section should probably also mention that 
>confidentiality is also not provided by the repository or by the 
>signed objects (unless there is some mechanism used to ensure the 
>confidentiality of the data which would need to be specified)  and 
>that data that requires controlled access should not be included in 
>signed objects in the repository.

A cite of the signed objects I-D should be included, as that addresses
your question.

Steve
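
Added example, not part of the message above or of the draft: a sketch of why the storage-encoding question in point 2 matters to software reading certificate or CRL files from a repository. The function names and sample bytes are assumptions constructed for illustration; only the outer DER SEQUENCE framing is checked, not the X.509 contents.

```python
import base64
import binascii
import re

PEM_RE = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)

def der_outer_length(data):
    """Total length of the outer DER SEQUENCE TLV, or None if not valid DER framing."""
    if len(data) < 2 or data[0] != 0x30:
        return None
    first = data[1]
    if first < 0x80:                       # short-form length
        return 2 + first
    n = first & 0x7F                       # long form: n length octets follow
    if n == 0 or n > 4 or len(data) < 2 + n:
        return None                        # n == 0 is indefinite length (BER, not DER)
    length = int.from_bytes(data[2:2 + n], "big")
    if data[2] == 0 or length < 0x80:
        return None                        # DER requires the minimal length encoding
    return 2 + n + length

def is_der(data):
    return der_outer_length(data) == len(data)

def classify(data):
    """Return 'der', 'pem', 'base64' or 'unknown' for a stored object."""
    if is_der(data):
        return "der"
    if PEM_RE.search(data):
        return "pem"
    try:
        if is_der(base64.b64decode(b"".join(data.split()), validate=True)):
            return "base64"
    except binascii.Error:
        pass
    return "unknown"

def to_der(data):
    """Normalise a stored object to the DER bytes that the signature covers."""
    kind = classify(data)
    if kind == "unknown":
        raise ValueError("unrecognised storage encoding")
    if kind == "der":
        return data
    body = PEM_RE.search(data).group(2) if kind == "pem" else data
    der = base64.b64decode(b"".join(body.split()), validate=True)
    if not is_der(der):
        raise ValueError("payload is not a single DER SEQUENCE")
    return der

# Constructed sample: valid outer framing only, not a real certificate.
SAMPLE_DER = b"\x30\x81\xc8" + bytes(range(200))
SAMPLE_PEM = b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER) + b"-----END CERTIFICATE-----\n"
```
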