Re: [sidr] Keys and algorithms for Updates - feasibility analysis? (was Re: RPKI and private keys)

Brian Dickson <brian.peter.dickson@gmail.com> Mon, 14 May 2012 14:27 UTC

From: Brian Dickson <brian.peter.dickson@gmail.com>
To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: "Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov>, "Murphy, Sandra" <Sandra.Murphy@sparta.com>, "sidr wg list (sidr@ietf.org)" <sidr@ietf.org>

We can't do the crypto without HW on some of the routers involved in
deployment of bgpsec.

I've heard just about everyone say that, quite possibly including yourself.

One of the reasons for questioning the choice of crypto is exploring the
feasibility of solutions which do not require on-router HW for doing
signing.

Brian

On Fri, May 11, 2012 at 9:23 PM, Christopher Morrow <morrowc.lists@gmail.com> wrote:

> On Fri, May 11, 2012 at 5:27 PM, Brian Dickson
> <brian.peter.dickson@gmail.com> wrote:
> > The argument that "we can't do the crypto without HW"
>
> I didn't see anyone say that though.
>