Re: [sidr] RPKI: Are relying parties really supposed to validate DER encoding?

Alberto Leiva <ydahhrk@gmail.com> Thu, 10 January 2019 23:00 UTC

From: Alberto Leiva <ydahhrk@gmail.com>
Date: Thu, 10 Jan 2019 17:00:04 -0600
Message-ID: <CAA0dE=V_R1M82RPMOwEp=7pQ0aTFTiZUgCi5jTWMN=Xd=EqdEA@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: IETF SIDR <sidr@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/7soQFAR5JVTJjxPu1urf2ALog-A>

Ok, thanks.

On Thu, Jan 10, 2019 at 4:39 PM Russ Housley <housley@vigilsec.com> wrote:
>
> See the Section on DER encoding at https://en.wikipedia.org/wiki/X.690.
>
> > On Jan 10, 2019, at 5:26 PM, Alberto Leiva <ydahhrk@gmail.com> wrote:
> >
> > Hello.
> >
> > I have a question:
> >
> > RFC 6488 section 3.1.l (https://tools.ietf.org/html/rfc6488#section-3)
> > wants relying parties (RPs) to validate that all RPKI signed objects
> > are DER-encoded, which (I think) means that they must be BER-encoded
> > with minimal and unique representations.
> >
> > But I have found at least one other requirement that seems to
> > contradict this: RFC 6482 section 3.3, fourth paragraph, second half,
> > claims that a ROA (which is a signed object) is allowed to contain
> > redundant ROAIPAddress elements.
> >
> > Furthermore, RFC 3779 (which is meaningfully referenced by the ROA and
> > RPKI certificate (6487) RFCs) states the following:
> >
> >   relying parties do
> >   not need to sort the information, or to implement extra code in the
> >   subset checking algorithms to handle several boundary cases
> >   (adjacent, overlapping, or subsumed ranges).
> >
> > Which seems to be paraphraseable as "RPs can parse signed objects as
> > if they were BER-encoded, without worrying about DER."
> >
> > In fact, my reading of it is that the entirety of RFC 3779 seems to be
> > of the mind that IP and AS extension writers are intended to strictly
> > adhere to DER specifically for the sake of simplifying the task of
> > RPs. RFC 6488, on the other hand, wants both to be strict.
> >
> > So what's the consensus?
> >
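As an added illustration of what the "minimal and unique representations" requirement discussed in the question amounts to at the encoding layer (example code written for this page, not from the thread or any relying-party implementation): a checker that walks a BER/DER TLV stream and reports the constructions BER permits but DER forbids. It works purely on the encoding and says nothing about which ROAIPAddress elements a SEQUENCE OF carries; the sample byte strings are constructed.

```python
def _read_tag(buf, pos):
    """Return (constructed?, tag octet, pos after tag); tag numbers >= 31 are not expected here."""
    if buf[pos] & 0x1F == 0x1F:
        raise ValueError("high-tag-number form not supported by this checker")
    return bool(buf[pos] & 0x20), buf[pos], pos + 1

def _read_length(buf, pos, problems, where):
    """Return (length or None, pos). DER requires a definite length in its shortest form."""
    first = buf[pos]
    pos += 1
    if first < 0x80:                    # short form is always minimal
        return first, pos
    n = first & 0x7F
    if n == 0:                          # 0x80 = indefinite length: legal BER, never DER
        problems.append(f"{where}: indefinite length (BER only)")
        return None, pos
    octets = buf[pos:pos + n]
    if len(octets) != n or octets[0] == 0 or int.from_bytes(octets, "big") < 0x80:
        problems.append(f"{where}: non-minimal or truncated long-form length")
    return int.from_bytes(octets, "big"), pos + n

def der_problems(buf, pos=0, end=None, problems=None):
    """Walk the TLVs in buf[pos:end]; return the DER violations found (empty => DER-clean)."""
    problems = [] if problems is None else problems
    end = len(buf) if end is None else end
    while pos < end:
        where = f"offset {pos}"
        constructed, tag, pos = _read_tag(buf, pos)
        length, pos = _read_length(buf, pos, problems, where)
        if length is None or pos + length > end:
            if length is not None:
                problems.append(f"{where}: length overruns its container")
            return problems             # cannot keep walking safely
        body = buf[pos:pos + length]
        if constructed:                 # SEQUENCE, SET, explicit tags: check the contents too
            der_problems(buf, pos, pos + length, problems)
        elif tag == 0x02 and len(body) > 1 and (body[0], body[1] >> 7) in ((0x00, 0), (0xFF, 1)):
            problems.append(f"{where}: INTEGER carries a redundant leading octet")
        elif tag == 0x01 and body not in (b"\x00", b"\xff"):
            problems.append(f"{where}: BOOLEAN must be exactly 0x00 or 0xFF in DER")
        pos += length
    return problems

# Constructed samples: SEQUENCE { INTEGER 5, BOOLEAN TRUE } as DER, and the same value BER-encoded
DER_OK = bytes.fromhex("30060201050101ff")
BER_INDEFINITE = bytes.fromhex("30800201050101ff0000")   # 0x80 length, 00 00 end-of-contents
```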