Re: [sidr] wg adoption call for draft-ymbk-bgpsec-rtr-rekeying-00.txt

Stephen Kent <kent@bbn.com> Mon, 26 March 2012 08:20 UTC

Date: Mon, 26 Mar 2012 03:58:25 -0400
To: Christopher Morrow <morrowc.lists@gmail.com>
From: Stephen Kent <kent@bbn.com>
Cc: "Murphy, Sandra" <Sandra.Murphy@sparta.com>, "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] wg adoption call for draft-ymbk-bgpsec-rtr-rekeying-00.txt

At 6:18 AM -0400 3/24/12, Christopher Morrow wrote:
><crickets>
>Hey folk,
>Is this draft stating something obvious and doesn't need to be
>documented? or are we in need of this doc to keep us all on the same
>page (us == ops + vendors) as to getting a cert created and installed
>on our lovely devices?
>
>If people could take a few minutes to read the 4 pages (minus
>boilerplate) and think/comment that would be nice.
>
>(for the record, it seems like documenting this is a good thing, from
>my perspective.)
>
>-chris

I think these issues need to be documented somewhere. It's helpful
to note motivations for central key generation (e.g., quick restoral
of service when a router fails and hardware is replaced), which
might otherwise be lost. Finally, we're working on a new cert provisioning
protocol in PKIX and this provides a basis for making sure this capability
is part of that protocol.

That said, it might make sense to combine this doc and the key rollover
doc that is another individual submission, if we want to reduce the
number of distinct SIDR docs.

Steve