Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-01.txt

Sean Turner <turners@ieca.com> Wed, 28 March 2012 14:46 UTC

Return-Path: <turners@ieca.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F4A621E8255 for <sidr@ietfa.amsl.com>; Wed, 28 Mar 2012 07:46:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.272
X-Spam-Level:
X-Spam-Status: No, score=-102.272 tagged_above=-999 required=5 tests=[AWL=-0.007, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bhtjWL1obDHc for <sidr@ietfa.amsl.com>; Wed, 28 Mar 2012 07:46:41 -0700 (PDT)
Received: from gateway12.websitewelcome.com (gateway12.websitewelcome.com [67.18.70.6]) by ietfa.amsl.com (Postfix) with ESMTP id 9391421E812F for <sidr@ietf.org>; Wed, 28 Mar 2012 07:46:41 -0700 (PDT)
Received: by gateway12.websitewelcome.com (Postfix, from userid 5007) id B8D231F550BAD; Wed, 28 Mar 2012 09:46:38 -0500 (CDT)
Received: from gator1743.hostgator.com (gator1743.hostgator.com [184.173.253.227]) by gateway12.websitewelcome.com (Postfix) with ESMTP id 81E481F550AF2 for <sidr@ietf.org>; Wed, 28 Mar 2012 09:46:38 -0500 (CDT)
Received: from [198.180.150.230] (port=58533 helo=dhcp-2594.meeting.ietf.org) by gator1743.hostgator.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <turners@ieca.com>) id 1SCu8z-0003mJ-Vi; Wed, 28 Mar 2012 09:46:38 -0500
Message-ID: <4F73244C.6020006@ieca.com>
Date: Wed, 28 Mar 2012 16:46:36 +0200
From: Sean Turner <turners@ieca.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:11.0) Gecko/20120313 Thunderbird/11.0
MIME-Version: 1.0
To: Christopher Morrow <morrowc.lists@gmail.com>
References: <20111205182057.9350.73900.idtracker@ietfa.amsl.com> <CAL9jLaYXtePEJ1FyhxkKuRwFBiLPRN8pqT2va97-YG15Fqznvw@mail.gmail.com>
In-Reply-To: <CAL9jLaYXtePEJ1FyhxkKuRwFBiLPRN8pqT2va97-YG15Fqznvw@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator1743.hostgator.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ieca.com
X-BWhitelist: no
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: v230.vpn.iad.rg.net (dhcp-2594.meeting.ietf.org) [198.180.150.230]:58533
X-Source-Auth: sean.turner@ieca.com
X-Email-Count: 5
X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IxNzQzLmhvc3RnYXRvci5jb20=
Cc: sidr-chairs@ietf.org, sidr@ietf.org
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-01.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Mar 2012 14:46:42 -0000

I think this draft should probably get out of the WG in a cluster. 
There is normative references to draft-sidr-bgpsec-algs.  However, you 
could WGLC this draft because unless you're planning on the name format 
or the alg in draft-ietf-sidr-bgpsec-algs there's nothing really to 
argue about.  It could then just wait on the protocol/alg to go forward 
in a sensible cluster.

There's one tweak I'd do before a WGLC: update references to the 
published RFC #s.  Why don't I post a new version and then you & Sandy 
can decide whether to start the WGLC button.

The only thing remaining would be to get example encodings, but I think 
that can wait.

spt

On 3/28/12 2:33 PM, Christopher Morrow wrote:
> Sean/Tom,
> Tom had some comments on the previous (I believe) version of this
> draft, are they addressed to your satisfaction Tom?
>
> Sean, if Tom's ok with the changes, should we move this along?
>
> -Chris
> <cochair>
>
> On Mon, Dec 5, 2011 at 1:20 PM,<internet-drafts@ietf.org>  wrote:
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Inter-Domain Routing Working Group of the IETF.
>>
>>         Title           : A Profile for BGPSEC Router Certificates, Certificate Revocation Lists, and Certification Requests
>>         Author(s)       : Mark Reynolds
>>                           Sean Turner
>>                           Steve Kent
>>         Filename        : draft-ietf-sidr-bgpsec-pki-profiles-01.txt
>>         Pages           : 11
>>         Date            : 2011-12-05
>>
>>    This document defines a standard profile for X.509 certificates for
>>    the purposes of supporting validation of Autonomous System (AS) paths
>>    in the Border Gateway Protocol (BGP), as part of an extension to that
>>    protocol known as BGPSEC.  BGP is a critical component for the proper
>>    operation of the Internet as a whole.  The BGPSEC protocol is under
>>    development as a component to address the requirement to provide
>>    security for the BGP protocol.  The goal of BGPSEC is to design a
>>    protocol for full AS path validation based on the use of strong
>>    cryptographic primitives.  The end-entity (EE) certificates specified
>>    by this profile are issued under Resource Public Key Infrastructure
>>    (RPKI) Certification Authority (CA) certificates, containing the AS
>>    Identifier Delegation extension, to routers within the Autonomous
>>    System (AS).  The certificate asserts that the router(s) holding the
>>    private key are authorized to send out secure route advertisements on
>>    behalf of the specified AS.  This document also profiles the
>>    Certificate Revocation List (CRL), profiles the format of
>>    certification requests, and specifies Relying Party certificate path
>>    validation procedures.  The document extends the RPKI; therefore,
>>    this documents updates the RPKI Resource Certificates Profile (draft-
>>    ietf-sidr-res-cert-profile).
>>
>>
>> A URL for this Internet-Draft is:
>> http://www.ietf.org/internet-drafts/draft-ietf-sidr-bgpsec-pki-profiles-01.txt
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> This Internet-Draft can be retrieved at:
>> ftp://ftp.ietf.org/internet-drafts/draft-ietf-sidr-bgpsec-pki-profiles-01.txt
>>
>> _______________________________________________
>> sidr mailing list
>> sidr@ietf.org
>> https://www.ietf.org/mailman/listinfo/sidr
>