Re: [Sidr] Rsync

"Michele (Mike) Hjorleifsson" <mikeh@aepnetworks.com> Wed, 19 March 2008 02:11 UTC

From: "Michele (Mike) Hjorleifsson" <mikeh@aepnetworks.com>
To: Geoff Huston <gih@apnic.net>
Date: Tue, 18 Mar 2008 22:09:07 -0400
Cc: sidr@ietf.org
Subject: Re: [Sidr] Rsync

I believe the conversation was centered around write access, to ensure
an unauthorized individual couldn't corrupt the repository

On Mar 18, 2008, at 18:00 , Geoff Huston wrote:

>> On Tue, 18 Mar 2008, Stephen Kent wrote:
>>> At 9:55 AM +1000 3/18/08, Robert Loomans wrote:
>> <snip>
>>> It has been suggested that access to repositories might be
>>> TLS-protected, even though the data is intended to be widely
>>> available.  The motivation is that requiring a TLS credential
>>> (issued under the RPKI) could be used to reject DoS attacks by
>>> complete outsiders.
>
>
> Perhaps the clarifying question is: are you talking about read  
> access or write access?
>
> The comments I've seen that support the notion of no need for TLS  
> support appear to refer to read access, where anyone can be a  
> relying party and the combination of manifests and digital  
> signatures on retrieved objects is sufficient to ensure that the  
> relying party can determine the completeness and validity of the  
> retrieved information.
>
> The comments I've seen in favour of TLS appear to refer to write
> access where a CA or EE has outsourced the publication repository
> management function to a third party and there may be some need for
> a secured channel of write access as a means of DOS protection.
>
> The drafts on this topic (draft-huston-sidr-repos-struct-01.txt, and  
> draft-ietf-sidr-res-certs-09.txt) refer only to read access.
>
>
>

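Added example, not part of the original message or of any SIDR draft: a sketch of the read-access argument quoted above, in which a relying party fetches over an unprotected channel and uses a manifest to detect dropped, altered and injected objects. It assumes the manifest's own signature has already been verified and models the manifest as a simple mapping of file name to SHA-256 hash; the file names and contents are constructed.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_against_manifest(manifest: dict, fetched: dict) -> dict:
    """Compare fetched objects with a manifest (file name -> SHA-256 hex).

    Assumption: the manifest signature was validated before this call,
    so its hash list is trusted even though the transport was not.
    """
    report = {"ok": [], "missing": [], "mismatch": [], "unlisted": []}
    for name, expected in sorted(manifest.items()):
        if name not in fetched:
            # Withheld or dropped object: per-object signatures alone
            # cannot reveal this, the manifest can.
            report["missing"].append(name)
        elif sha256_hex(fetched[name]) != expected:
            report["mismatch"].append(name)
        else:
            report["ok"].append(name)
    # Objects present in the transfer but never listed by the publisher.
    report["unlisted"] = sorted(set(fetched) - set(manifest))
    return report


def is_complete(report: dict) -> bool:
    return not (report["missing"] or report["mismatch"] or report["unlisted"])


def demo() -> dict:
    # Constructed sample publication point (names and bytes are made up).
    published = {
        "ca.cer": b"constructed certificate bytes",
        "route1.roa": b"constructed signed object bytes",
        "ca.crl": b"constructed CRL bytes",
    }
    manifest = {name: sha256_hex(data) for name, data in published.items()}

    # What arrives after interference on an unprotected read channel.
    fetched = dict(published)
    del fetched["ca.crl"]                        # object withheld
    fetched["route1.roa"] = b"altered in transit"  # object modified
    fetched["extra.roa"] = b"injected object"      # object added
    return check_against_manifest(manifest, fetched)


if __name__ == "__main__":
    print(demo())
```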