Re: [sidr] WGLC draft-sidr-rpki-rtr - take 2?

Matthias Waehlisch <waehlisch@ieee.org> Fri, 01 April 2011 20:16 UTC

Date: Fri, 01 Apr 2011 22:17:44 +0200
From: Matthias Waehlisch <waehlisch@ieee.org>
To: John Scudder <jgs@juniper.net>
Cc: Christopher Morrow <christopher.morrow@gmail.com>, sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] WGLC draft-sidr-rpki-rtr - take 2?

Hi John,

On Fri, 1 Apr 2011, John Scudder wrote:

> > i propose that i rev the doc to say
> >  o the transport must provide authentication and integrity
> >  o the current ssh description is an example
> >  o other transport meeting the authentication and integrity constraints
> >    are welcome
> > 
> > of course, this will leave open the mandatory-to-implement LCD issue.
> > sigh.
> 
> I think we shouldn't punt on a mandatory transport.  I suggest TCP-MD5 
> for practical reasons, including the open source support issue Chris 
> raised.
> 
  I'm confused: Do you suggest TCP-MD5 as optional or mandatory?

  Defining TCP-MD5 as mandatory seems a bit risky as it is obsoleted by 
AO. I'm not sure how the IESG would react to this. On the other hand, if 
there are no real implementations for RFC5925 it seems useless for RTR, 
as well. Thus, I would stick to SSH (or something else that is 
well-deployed and not obsoleted).


Cheers
  matthias


-- 
Matthias Waehlisch
.  Freie Universitaet Berlin, Inst. fuer Informatik, AG CST
.  Takustr. 9, D-14195 Berlin, Germany
.. mailto:waehlisch@ieee.org .. http://www.inf.fu-berlin.de/~waehl
:. Also: http://inet.cpt.haw-hamburg.de .. http://www.link-lab.net