Re: [sidr] I-D Action: draft-ietf-sidr-rpki-validation-reconsidered-00.txt
Stephen Kent <kent@bbn.com> Wed, 06 August 2014 15:44 UTC
Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E7B01B2C4A for <sidr@ietfa.amsl.com>; Wed, 6 Aug 2014 08:44:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.202
X-Spam-Level:
X-Spam-Status: No, score=-4.202 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5PIEzVFk-JAD for <sidr@ietfa.amsl.com>; Wed, 6 Aug 2014 08:44:43 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D68C1B2D16 for <sidr@ietf.org>; Wed, 6 Aug 2014 08:44:42 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:37031 helo=comsec.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1XF3OL-0009Ve-8A for sidr@ietf.org; Wed, 06 Aug 2014 11:44:41 -0400
Message-ID: <53E24D68.8020705@bbn.com>
Date: Wed, 06 Aug 2014 11:44:40 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: sidr@ietf.org
References: <20140702012717.18291.24295.idtracker@ietfa.amsl.com> <415BB336-1A6C-48DD-BD0F-BC9EB0C3506F@ripe.net> <53CFFF3C.2040406@bbn.com> <BB01407F-A226-4531-9FDD-50E1B0A238F0@ripe.net> <53D151F0.80808@bbn.com> <C838412C-D16C-4C88-B022-85484789444A@ripe.net> <53D178A6.7060502@bbn.com> <CFF7CDF2.4AB4B%bje@apnic.net> <65886423-144A-48B5-A0EF-D35D4A4FE890@ripe.net> <CA+z-_EUXA0TWDqHV-9sFbgS2vyXiKE9EKBae6K0eihuhKTsm2A@mail.gmail.com> <53DAA101.8020305@bbn.com> <53E11912.7050904@gmail.com> <53E1486B.1080604@bbn.com> <53E151C7.1090508@gmail.com>
In-Reply-To: <53E151C7.1090508@gmail.com>
Content-Type: text/plain; charset="iso-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/NwTcLhD72D8O257ptiAgQgoyF5Q
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-rpki-validation-reconsidered-00.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Aug 2014 15:44:49 -0000
Carlos, ... > Given that S-BGP failed to gain any traction and most people outside the > IETF have never heard of it, I don´t think it sets a particularly > encouraging precedent. You asked why 3779. I explained. The were many reasons why S-BGP didn't succeed, but use of 3779 is not likely one of them. > There is nothing wrong with the extension, nor with the rules per-se. > Some of us believe that 3779 rules are not a good match for this > particular problem. They may very well be for other, related, problem > domains (whole network transfers come to mind now). The SIDR WG began meeting in 2006, I believe. The SIDR arch doc was first posted (as an accepted WG I-D) on 2/28/07. It cited 3779 as the basis for the RPKI. It seems curious to me that it has taken 7 years for senior RIR tech staff to determine that there is a problem. You are relatively new to this effort, but what is the excuse for your co-authors? >> But, then, so are IPv4 and v6 address prefixes. Do you propose creating >> separate PKIs >> for IPv4 and IPv6 addresses? > Definitely not. Again, S-BGP is not a particularly good data point. I > propose to *unbundle* the analysis of resource types when validating > certs. I believe that is clear from my earlier email and from our draft. The earlier draft did not contain an algorithm for doing what Geoff has recently suggested as a way to do this. That I-D contained a set of text that tried to convey what the authors wanted to happen, but it was sloppy and focused only on EE cert validation. The current I-D tries to describe a problem space, and it should do so without prejudice wrt a solution. Your comments suggest otherwise. (Also, since you keep criticizing S-BGP, how extensive is your understanding the system, beyond knowing the acronym. Have you read any of the papers, or are your comments based on hearsay?) > ... >> Should revocation of a cert with a set of prefixes invalidate all >> the certs below? (hint, the answer is yes.) The examples cited by >> you and your fellow authors focus only on errors in 3779 extensions, >> but why are revocation errors not equally important to address? > The ability of not being able to correct 1 issue out of 2 doesn´t seem > to be a good argument for leaving the 2 unfixed. Quite the contrary. If a major rationale for changing path validation is to deal with mistakes by RPKI CAs, then let's articulate the rationale clearly and comprehensively, so that it guides our selection of a solution. if we adopt one fix based on an incomplete description of the problem, it may cause us to postpone developing a more comprehensive solution. Also a more comprehensive solution might avoid duplication of mechanisms. > In addition, revocation errors are way less probable than transient > registry inaccuracies. I actually don´t see how we would revoke a cert > by mistake, although I´m not saying it cannot happen. If I had to put > probabilities to it, I would say 99% of problems will come from registry > inaccuracies vs 1% revocation errors. Your numbers seem very speculative to me. At best they are based on the limited experience that RIRs have with managed CA services for clients. So I am not convinced that you have a solid basis for projecting one type of error vs. another when support for CAs run buy net operators is deployed. > So, if 2 weeks of work (Tim says 1 day, but given he's a particularly > gifted coder we´ll give everyone else 14 times as much) can solve 99% > (or 90%, or even 80%) of issues and remove a large roadblock for the > continuing adoption of OV and RPKI, it seems like a no brainer. I agree that there is a "no brainer" here, but you would not like my assessment of why. As Terry noted, the "end of routing as we know it" or taking an entire country offline, claims that were made were misleading, wrt OV. So, why do you see resolution of this issue as a major impediment to continuing adoption of the RPKI? Steve
- [sidr] I-D Action: draft-ietf-sidr-rpki-validatio… internet-drafts
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Byron Ellacott
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Russ Housley
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Rob Austein
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Byron Ellacott
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos Martinez-Cagnazzo
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… George, Wes
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… George, Wes
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Stephen Kent
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Andy Newton
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Randy Bush
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Andy Newton
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Andy Newton
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Andy Newton
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Randy Bush
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Randy Bush
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… George, Wes
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Roque Gagliano (rogaglia)
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Andy Newton
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Andy Newton
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Byron Ellacott
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… John Curran
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Carlos M. Martinez
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Geoff Huston
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Tim Bruijnzeels
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Sandra Murphy
- Re: [sidr] I-D Action: draft-ietf-sidr-rpki-valid… Geoff Huston