IETF Logo Mail Archive

Re: [sidr] working group adoption call for draft-kklf-sidr-route-server-rpki-light-01

Aris Lambrianidis <aristidis.lambrianidis@ams-ix.net> Fri, 06 May 2016 22:28 UTC

Return-Path: <aristidis.lambrianidis@ams-ix.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 841D612D1A7 for <sidr@ietfa.amsl.com>; Fri, 6 May 2016 15:28:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.897
X-Spam-Level:
X-Spam-Status: No, score=-2.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A0NUCkzHti-y for <sidr@ietfa.amsl.com>; Fri, 6 May 2016 15:28:19 -0700 (PDT)
Received: from deliverix.ams-ix.net (deliverix.ams-ix.net [IPv6:2001:67c:1a8:a101::70]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3BC8F12D13C for <sidr@ietf.org>; Fri, 6 May 2016 15:28:18 -0700 (PDT)
X-Virus-Scanned: Debian amavisd-new at ams-ix.net
Received: from [192.168.1.10] (unknown [92.110.22.93]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: aristidis) by deliverix.ams-ix.net (Postfix) with ESMTPSA id E651C47FAE; Sat, 7 May 2016 00:28:16 +0200 (CEST)
Message-ID: <572D1A7E.9020208@ams-ix.net>
Date: Sat, 07 May 2016 00:28:14 +0200
From: Aris Lambrianidis <aristidis.lambrianidis@ams-ix.net>
User-Agent: Postbox 4.0.8 (Windows/20151105)
MIME-Version: 1.0
To: Randy Bush <randy@psg.com>
References: <13075573-8AFA-41D7-B0A3-E2B94DF78E61@tislabs.com> <CAL9jLaa6rcJ42cFyJEW1XTcvMfqnLr++VE7kHgpOG1ywL4S1JA@mail.gmail.com> <alpine.WNT.2.00.1605051758070.2308@mw-PC> <CAL9jLaY355-o1yF+whryMNWTJTyET_d082ZTBapE0CtaVdy3Wg@mail.gmail.com> <22b44efa-bd76-0feb-d1ad-2c5b5c3b845c@gmail.com> <CAL9jLabareh=4_nHMUO2GT8kB94J8yRX3HOJCqU6z3P5iOAPbQ@mail.gmail.com> <CAHw9_iJLZ6T5MQYigEiXcDL21dUkiHT2hezpbq1W8ttet8722A@mail.gmail.com> <m2lh3mlu3x.wl%randy@psg.com>
In-Reply-To: <m2lh3mlu3x.wl%randy@psg.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/VJqp8PjM5eHGZao2kmEBjHh0z0o>
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] working group adoption call for draft-kklf-sidr-route-server-rpki-light-01
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 May 2016 22:28:21 -0000

Randy Bush wrote:
> this glibly glosses over that, by outsourcing origin validation, an
> attack vector is introduced.  i presume i do not need to describe it.
> so it needs to be big in the sec cons.

Is it bigger than the attack vector allowed for when not doing origin 
validation at all?

Kind regards,
Aris Lambrianidis

v2.23.0 | Report a Bug | By Email