IETF Logo Mail Archive

Re: [sidr] RPKI validator testing summary

Geoff Huston <gih@apnic.net> Sat, 03 December 2011 05:51 UTC

Return-Path: <gih@apnic.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E957E21F8D52 for <sidr@ietfa.amsl.com>; Fri, 2 Dec 2011 21:51:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.808
X-Spam-Level:
X-Spam-Status: No, score=-100.808 tagged_above=-999 required=5 tests=[AWL=0.575, BAYES_00=-2.599, HOST_MISMATCH_NET=0.311, RCVD_IN_PBL=0.905, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Erzi8cp+v5vr for <sidr@ietfa.amsl.com>; Fri, 2 Dec 2011 21:51:35 -0800 (PST)
Received: from asmtp.apnic.net (asmtp.apnic.net [IPv6:2001:dc0:2001:11::199]) by ietfa.amsl.com (Postfix) with ESMTP id 4092F21F8D23 for <sidr@ietf.org>; Fri, 2 Dec 2011 21:51:35 -0800 (PST)
Received: from [10.242.58.184] (mcf0f36d0.tmodns.net [208.54.15.207]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by asmtp.apnic.net (Postfix) with ESMTP id 66EA7B6767; Sat, 3 Dec 2011 15:51:31 +1000 (EST)
Mime-Version: 1.0 (Apple Message framework v1251.1)
Content-Type: text/plain; charset="us-ascii"
From: Geoff Huston <gih@apnic.net>
In-Reply-To: <m2liqu8aw4.wl%randy@psg.com>
Date: Sat, 03 Dec 2011 16:51:25 +1100
Content-Transfer-Encoding: 7bit
Message-Id: <C1A97BE7-FE53-49E7-B6AC-879C5B76B96C@apnic.net>
References: <4ED64E04.7030408@bbn.com> <E3871AC3-6960-433A-8A34-7F10087A7EC7@apnic.net> <E03612FA-E271-4243-AE29-858D242B91CE@apnic.net> <m2r50m8gk2.wl%randy@psg.com> <1BADD28A-5808-48BB-A85D-275ED141D2D8@apnic.net> <m2liqu8aw4.wl%randy@psg.com>
To: Randy Bush <randy@psg.com>
X-Mailer: Apple Mail (2.1251.1)
Cc: sidr wg <sidr@ietf.org>
Subject: Re: [sidr] RPKI validator testing summary
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Dec 2011 05:51:36 -0000

On 03/12/2011, at 4:47 PM, Randy Bush wrote:

>>> so are you saying bottom up is just a no-go?
>> I believe I am, in that by following the AIA pointers you may be lead
>> to places that may not match your chosen trust anchors.
>> This is particularly the case for those who want to set up local TAs
>> as per some draft or another.
> 
> as at least one validation implementation, bbn, is bottom up, and was
> done by clueful folk next to some draft or another, i suspect we need to
> document this in a warning some place.

That would be a Good Idea - I've met my personal quota of drafts and writing
assignments for this Working Group some time back, but hopefully someone will
pick this up and put the necessary caveat into the appropriate documentation
spot.

  Geoff

v2.23.0 | Report a Bug | By Email