Re: [sidr] preventing SKI collisions
Stephen Kent <kent@bbn.com> Wed, 12 August 2015 11:43 UTC
Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C9B61A90D5 for <sidr@ietfa.amsl.com>; Wed, 12 Aug 2015 04:43:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fsY1j12_I-w9 for <sidr@ietfa.amsl.com>; Wed, 12 Aug 2015 04:43:37 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 49FD11A90F4 for <sidr@ietf.org>; Wed, 12 Aug 2015 04:43:37 -0700 (PDT)
Received: from ssh.bbn.com ([192.1.122.15]:35400 helo=COMSEC.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1ZPURT-0007XA-TB; Wed, 12 Aug 2015 07:43:35 -0400
To: Richard Hansen <rhansen@bbn.com>
References: <555F436F.3080003@bbn.com> <2BF75857-6A5F-4260-B13B-0B9F6CE3FD98@ieca.com> <197E8AEA-D554-4DB4-885E-CFD55EF9E774@ripe.net> <m2wpx7pes6.wl%randy@psg.com> <55C4D7C8.4000401@bbn.com> <97B4FBD1-BCE6-4D37-BC0C-07A211347FBF@ieca.com> <55CA51A6.1070209@bbn.com> <55CA8C3F.5050402@bbn.com>
From: Stephen Kent <kent@bbn.com>
Message-ID: <55CB3167.8080907@bbn.com>
Date: Wed, 12 Aug 2015 07:43:35 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.0.1
MIME-Version: 1.0
In-Reply-To: <55CA8C3F.5050402@bbn.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/R_QjCeJuqjf5_jyGXjpHbDqgTl4>
Cc: sidr@ietf.org
Subject: Re: [sidr] preventing SKI collisions
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Aug 2015 11:43:39 -0000
Richard, no problem. anyway, my comments may have been too strongly worded. If we feel that it's important for router certs to use a different hash alg, then the router cert profile can define which alg to use, as an explicit, profiled deviation from the RPKI cert profile. We can also revisit the RP requirement to check the SKI in a router cert if we feel that will be necessary to enable alg agility for router cert SKI values going forward. This is a separate cert profile, so we have options. Steve
- [sidr] preventing SKI collisions Richard Hansen
- Re: [sidr] preventing SKI collisions Stephen Kent
- Re: [sidr] preventing SKI collisions Sean Turner
- Re: [sidr] preventing SKI collisions George Michaelson
- Re: [sidr] preventing SKI collisions Richard Hansen
- Re: [sidr] preventing SKI collisions Tim Bruijnzeels
- Re: [sidr] preventing SKI collisions Randy Bush
- Re: [sidr] preventing SKI collisions Tim Bruijnzeels
- Re: [sidr] preventing SKI collisions Richard Hansen
- Re: [sidr] preventing SKI collisions Sean Turner
- Re: [sidr] preventing SKI collisions Sean Turner
- Re: [sidr] preventing SKI collisions Richard Hansen
- Re: [sidr] preventing SKI collisions Stephen Kent
- Re: [sidr] preventing SKI collisions Richard Hansen
- Re: [sidr] preventing SKI collisions Stephen Kent
- Re: [sidr] preventing SKI collisions Tim Bruijnzeels
- Re: [sidr] preventing SKI collisions Sean Turner
- Re: [sidr] preventing SKI collisions Russ Housley
- Re: [sidr] preventing SKI collisions David Mandelberg
- Re: [sidr] preventing SKI collisions Sandra Murphy
- Re: [sidr] preventing SKI collisions Sean Turner
- Re: [sidr] preventing SKI collisions Randy Bush
- Re: [sidr] preventing SKI collisions Rob Austein