Re: [sidr] RPKI validator testing summary

Andrew Chi <achi@bbn.com> Tue, 06 December 2011 16:48 UTC

Return-Path: <achi@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EC0921F8A55 for <sidr@ietfa.amsl.com>; Tue, 6 Dec 2011 08:48:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.024
X-Spam-Level:
X-Spam-Status: No, score=-6.024 tagged_above=-999 required=5 tests=[AWL=0.575, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 07KJcBms8sNM for <sidr@ietfa.amsl.com>; Tue, 6 Dec 2011 08:48:28 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 5F37221F893C for <sidr@ietf.org>; Tue, 6 Dec 2011 08:48:28 -0800 (PST)
Received: from dhcp89-089-139.bbn.com ([128.89.89.139]:51561 helo=[127.0.0.1]) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <achi@bbn.com>) id 1RXyBv-0007jA-Pa; Tue, 06 Dec 2011 11:48:27 -0500
Message-ID: <4EDE4758.30603@bbn.com>
Date: Tue, 06 Dec 2011 11:48:24 -0500
From: Andrew Chi <achi@bbn.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: Randy Bush <randy@psg.com>
References: <4ED64E04.7030408@bbn.com> <E3871AC3-6960-433A-8A34-7F10087A7EC7@apnic.net> <E03612FA-E271-4243-AE29-858D242B91CE@apnic.net> <m2r50m8gk2.wl%randy@psg.com> <1BADD28A-5808-48BB-A85D-275ED141D2D8@apnic.net> <m2liqu8aw4.wl%randy@psg.com> <4EDE40B0.8090903@bbn.com>
In-Reply-To: <4EDE40B0.8090903@bbn.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: sidr wg <sidr@ietf.org>
Subject: Re: [sidr] RPKI validator testing summary
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Dec 2011 16:48:29 -0000

On 12/6/2011 11:20 AM, Andrew Chi wrote:
> Note that Local TA is unaffected; that "tree" is shallow, locally
> managed, and processed in a manner that doesn't require AIAs.

I wrote that quickly and might have been unclear.  The AIA for every 
paracert points to the Local TA publication point.  Thus, that tree has 
height 1.  If you trust the local trust anchor, then you have already 
have it, and there's no need to "chase upward" to go looking for it.