IETF Logo Mail Archive

Re: [sidr] WGLC draft-sidr-rpki-rtr - take 2?

Matthias Waehlisch <waehlisch@ieee.org> Sat, 09 April 2011 21:55 UTC

Return-Path: <waehlisch@ieee.org>
X-Original-To: sidr@core3.amsl.com
Delivered-To: sidr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9D0773A6958 for <sidr@core3.amsl.com>; Sat, 9 Apr 2011 14:55:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.692
X-Spam-Level:
X-Spam-Status: No, score=-101.692 tagged_above=-999 required=5 tests=[AWL=0.557, BAYES_00=-2.599, HELO_EQ_DE=0.35, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KzNMBBVtzrRw for <sidr@core3.amsl.com>; Sat, 9 Apr 2011 14:55:21 -0700 (PDT)
Received: from mail2.rz.htw-berlin.de (mail2.rz.htw-berlin.de [141.45.10.102]) by core3.amsl.com (Postfix) with ESMTP id 6714A3A696F for <sidr@ietf.org>; Sat, 9 Apr 2011 14:55:21 -0700 (PDT)
Envelope-to: sidr@ietf.org
Received: from g231224086.adsl.alicedsl.de ([92.231.224.86] helo=mw-PC.fritz.box) by mail2.rz.htw-berlin.de with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.72 (FreeBSD)) (envelope-from <waehlisch@ieee.org>) id 1Q8g7g-000Fag-5q; Sat, 09 Apr 2011 23:55:16 +0200
Date: Sat, 09 Apr 2011 23:57:01 +0200
From: Matthias Waehlisch <waehlisch@ieee.org>
To: Hannes Gredler <hannes@juniper.net>
In-Reply-To: <20110409204334.GB16327@juniper.net>
Message-ID: <Pine.WNT.4.64.1104092335390.3380@mw-PC>
References: <m2tyea7urr.wl%randy@psg.com> <8BE1C346-6214-4343-9E46-BFA8D96E4B6C@cisco.com> <BANLkTikTqCD4_=-Sjs7ng2qSLn3vYw5qLw@mail.gmail.com> <55B61488-045C-44FA-90DB-83543A6209FB@cisco.com> <m2ipupsmuy.wl%randy@psg.com> <BANLkTinoJRu=hkoiCS=Xj000r3W+n5KnZQ@mail.gmail.com> <F05F2600-9E6C-410B-9EC5-F4245E6F5B88@cisco.com> <20110408170400.GC11350@juniper.net> <4A88F7EC-12D4-4AAA-92BE-D6A8BEACF776@cisco.com> <E2C0D0FF-A02D-4DF3-80CE-2D6346E20EF5@apnic.net> <20110409204334.GB16327@juniper.net>
X-X-Sender: mw@mail2.rz.fhtw-berlin.de
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-HTW-SPAMINFO: this message was scanned by eXpurgate (http://www.eleven.de)
X-HTW-DELIVERED-TO: sidr@ietf.org
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] WGLC draft-sidr-rpki-rtr - take 2?
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Apr 2011 21:55:22 -0000

Hi Hannes,

On Sat, 9 Apr 2011, Hannes Gredler wrote:

> | > I have no problem listing various transports. I thought there was a suggestion to
> | > keep one of them mandatory to encourage better interoperability. That makes
> | > some sense.
> | 
> | Frankly the interoperability argument is a very strong one for me. Yes, at every
> | step and with every component of this design we could enumerate a laundry list
> | of possible technologies, but, frankly, it seems like a less than useful exercise
> | of constructing complexity and threatening interoperability of the resultant
> | system. If the intention is to produce robust specifications that allow cleanly
> | interoperable implementations then it makes sense for me to produce a 
> | specification that makes specific selections from the choice set.
> 
> the question is *what* is that we try to standardize ? - is it
> 
> 1. the application level communication protocol between caches and routers
> 2. the application level communication protocol between caches and routers
>    and the transport ?
> 
  it's 1. However, an (inherent) requirement of the protocol is (a) to 
deliver the data such that it is authenticated and (b) the integrity of 
the data can be verified. Otherwise, at least from my perspective, the 
protocol would be useful.

  Leaving the mechanism for authentication and integrity undefined would 
result in a not well-defined protocol. From an implementation and 
deployment perspective, this is quite painful. We do not breach the 
"spirit of good layering" if we precisely define how this requirement 
can be achieved.

  Maybe, the question is if there is anything else to achieve the goals, 
which is not out-dated, implemented, and beyond the current suggestions.
 


Best regards
  matthias

-- 
Matthias Waehlisch
.  Freie Universitaet Berlin, Inst. fuer Informatik, AG CST
.  Takustr. 9, D-14195 Berlin, Germany
.. mailto:waehlisch@ieee.org .. http://www.inf.fu-berlin.de/~waehl
:. Also: http://inet.cpt.haw-hamburg.de .. http://www.link-lab.net

v2.23.0 | Report a Bug | By Email