Re: [sidr] Spencer Dawkins' No Objection on draft-ietf-sidr-delta-protocol-07: (with COMMENT)
Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Thu, 16 February 2017 17:22 UTC
Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F7D31294B9; Thu, 16 Feb 2017 09:22:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lQK81A3O-_jR; Thu, 16 Feb 2017 09:22:11 -0800 (PST)
Received: from mail-yb0-x22c.google.com (mail-yb0-x22c.google.com [IPv6:2607:f8b0:4002:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DAED129483; Thu, 16 Feb 2017 09:22:11 -0800 (PST)
Received: by mail-yb0-x22c.google.com with SMTP id w194so6137049ybe.0; Thu, 16 Feb 2017 09:22:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=JCR3Qn1GYWFZ31lgC2sKExmAvoR3VpgvBOvFgiQhgAc=; b=N9CFLTGQnF1uGS8x8rkJ+dpqTmu5TCL1ZQ7rtEYlmLX78qBvMTBXKChE3Gf3BGkPUn ZybysIyPdFS7GSGEcLE0g+YAaBd3/R9TwCeyvwQd1Q7tDg1uI3/p4/I6F++RVUpPf8og xyyKu1+5NOKUv4Q+Uov386H6d2Gq9JV9frvjgZS7v0RiujXnNR7GBfCzIB7h+OicgEUG bjA549ACqO4TeX4a7pr60DthvlIHI+ia28MK8mx2tTjDzWwHeW3IptThzUUleun6P9Re s7B98lP4+CBL9x6BzZHa0q8/9tA/5a4/jWBYyUMeB2UFPYmPUQbzoE30ywmkPbQ/Lc6T NgpA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=JCR3Qn1GYWFZ31lgC2sKExmAvoR3VpgvBOvFgiQhgAc=; b=hTd64i/+U4RENw2kROeV4bPFAmd4itugwVQboVbmXCqI3MMIOaUrMbQdVMkgnVpiUg Fgup56eP+iNniA0WCsrPx5R3ptt7t0LOVji9UIlNrp+SK3PqZXyK9i4NA2hvEVja3Vh1 Fi6gYZrtySpUgc2mK71/4quGDcKCLFIYNJ4ET6yxqKfrKbUbKANKLAIFBTu52x8WmaoB cY+Z/bB5iqtvyxrOivBnSY9+s7nMk43t5UA2t8K/Rdkx/DP82ZLjCCOPGATKLTZfkFiF casJHuUVifMyowwnaYr23OeMxQtNswu815pTVyX6D2uFukvpRAW15q/PtxiGrHoNePcF 1/ag==
X-Gm-Message-State: AMke39kR2zZS1bh0l+YlfmcFapFrKdCeQe43cUMiAMINREC+Zqc+++GwNhlaNd8ZWNW9II2qSxYUzXF4dzUMLQ==
X-Received: by 10.37.44.199 with SMTP id s190mr2466547ybs.22.1487265730333; Thu, 16 Feb 2017 09:22:10 -0800 (PST)
MIME-Version: 1.0
Received: by 10.37.234.9 with HTTP; Thu, 16 Feb 2017 09:22:09 -0800 (PST)
In-Reply-To: <FFA004B6-F2F3-4389-9242-FB72756F097C@ripe.net>
References: <148722406650.31533.1672555654116871127.idtracker@ietfa.amsl.com> <FFA004B6-F2F3-4389-9242-FB72756F097C@ripe.net>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Thu, 16 Feb 2017 11:22:09 -0600
Message-ID: <CAKKJt-fE4Fx5Uw6rJ1hLshv=0Lri4bZ6RqWhnOtfY3O0p5_=+A@mail.gmail.com>
To: Tim Bruijnzeels <tim@ripe.net>
Content-Type: multipart/alternative; boundary="001a114320908b330e0548a90983"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/7D5SgCoMeqOdxf-n-kqNCK0jna0>
Cc: draft-ietf-sidr-delta-protocol@ietf.org, morrowc@ops-netman.net, sidr-chairs@ietf.org, The IESG <iesg@ietf.org>, sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] Spencer Dawkins' No Objection on draft-ietf-sidr-delta-protocol-07: (with COMMENT)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Feb 2017 17:22:12 -0000
Hi, Tim (responding here, but I also saw Oleg's reply), On Thu, Feb 16, 2017 at 9:26 AM, Tim Bruijnzeels <tim@ripe.net> wrote: > Hi Spencer, all, > > On 16 Feb 2017, at 06:47, Spencer Dawkins <spencerdawkins.ietf@gmail.com> > wrote: > > > > Spencer Dawkins has entered the following ballot position for > > draft-ietf-sidr-delta-protocol-07: No Objection > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut this > > introductory paragraph, however.) > > > > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria. > html > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-sidr-delta-protocol/ > > > > > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > I’m not skilled in the art of RPKI, so perhaps I lack imagination, but > > I'm not understanding why these two SHOULDs aren't MUSTs. I'm not asking > > for a change, but if the document included explanations of why an > > implementation might not do the SHOULDs, some readers might thank you. > > > > The RP SHOULD add all publish elements to a local storage and > > update its last processed serial number to the serial number of > > this delta file. > > corner cases: the RP already added this same object so strictly speaking > it's1 already there, the object is 5TB in size? I'm sorry this wasn't clear - the SHOULD applies to two actions ("and"), and I was thinking about the second action. Why would an implementation not update its last processed serial number? Would things still work? I agree that many RPs might not have a few terabytes lying around ... > I don't think I can enumerate all corner cases, and believe the document > should not try to go there. Agreed. I was trying to understand what a corner case would look like, not asking for a complete list of all corner cases. > > > > The RP SHOULD NOT remove objects from its local storage solely > > because it encounters a "withdraw" element, because this would > > enable a publication server to withdraw any object without the > > signing Certificate Authority consent. The RP could use > > additional strategies to determine if an object is still relevant > > for validation before removing it from its local storage. In > > particular objects should not be removed if they are included in > > a > > current validated manifest. > > I can live with a "MUST NOT remove" here, but not sure that others agree. > I saw that Oleg replied "but what if you don't even have local storage?" That's fair, but is that the only reason this isn't a MUST? Removing an object without consent from the signing Certificate Authority just seems unfortunate, and the SHOULD allows that. And thanks for the quick responses, both of you. Spencer > > > > > > _______________________________________________ > > sidr mailing list > > sidr@ietf.org > > https://www.ietf.org/mailman/listinfo/sidr > >
- [sidr] Spencer Dawkins' No Objection on draft-iet… Spencer Dawkins
- Re: [sidr] Spencer Dawkins' No Objection on draft… Tim Bruijnzeels
- Re: [sidr] Spencer Dawkins' No Objection on draft… Oleg Muravskiy
- Re: [sidr] Spencer Dawkins' No Objection on draft… Spencer Dawkins at IETF