Re: [sidr] draft-ietf-sidr-repos-struct to Standards Track

Sandra Murphy <Sandra.Murphy@sparta.com> Tue, 19 July 2011 21:29 UTC

Return-Path: <Sandra.Murphy@cobham.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF22522800F for <sidr@ietfa.amsl.com>; Tue, 19 Jul 2011 14:29:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.996
X-Spam-Level:
X-Spam-Status: No, score=-101.996 tagged_above=-999 required=5 tests=[AWL=0.603, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5u3YbWSXug1p for <sidr@ietfa.amsl.com>; Tue, 19 Jul 2011 14:29:34 -0700 (PDT)
Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 1DA5A228006 for <sidr@ietf.org>; Tue, 19 Jul 2011 14:29:33 -0700 (PDT)
Received: from Beta5.sparta.com (beta5.sparta.com [157.185.63.21]) by M4.sparta.com (8.13.5/8.13.5) with ESMTP id p6JLTC9P016887; Tue, 19 Jul 2011 16:29:12 -0500
Received: from mailbin2.ads.sparta.com (mailbin.sparta.com [157.185.85.6]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id p6JLTBM9012620; Tue, 19 Jul 2011 16:29:12 -0500
Received: from SMURPHY-LT.columbia.ads.sparta.com ([157.185.81.116]) by mailbin2.ads.sparta.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.4675); Tue, 19 Jul 2011 17:29:11 -0400
Date: Tue, 19 Jul 2011 17:29:10 -0400
From: Sandra Murphy <Sandra.Murphy@sparta.com>
To: Terry Manderson <terry.manderson@icann.org>
In-Reply-To: <CA4C2EE9.17FA1%terry.manderson@icann.org>
Message-ID: <Pine.WNT.4.64.1107191720470.6484@SMURPHY-LT.columbia.ads.sparta.com>
References: <CA4C2EE9.17FA1%terry.manderson@icann.org>
X-X-Sender: sandy@mailbin.sparta.com
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
X-OriginalArrivalTime: 19 Jul 2011 21:29:11.0144 (UTC) FILETIME=[E648E680:01CC465A]
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] draft-ietf-sidr-repos-struct to Standards Track
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jul 2011 21:29:35 -0000

On Tue, 19 Jul 2011, Terry Manderson wrote:

> On 20/07/11 6:43 AM, "Randy Bush" <randy@psg.com> wrote:
>
>>> ok. So in which case before I give in to making repos-struct a PS, I would
>>> want to see words somewhere that say that the validation choice for an RPKI
>>> object file is to based on the filename in the manifest and not on the
>>> transferred filename.
>>
>> again, the manifest may represent a proper subset of the valid objects in the
>> directory
>>
>
> Which I think is sloppy behaviour.

It is a fundamental part of the proposed repository structure.

The following text from section 2.2 of the repos-struct draft:

    The RPKI design requires that a CA be uniquely associated with a
    single key pair.  Thus, the administrative entity that is a CA
    performs key rollover by generating a new CA certificate with a new
    Subject name, as well as a new key pair [I-D.ietf-sidr-keyroll].
    (The reason for the new Subject name is that in the context of the
    RPKI the Subject names in all certificates issued by a CA are
    intended to be unique, and because the RPKI key rollover procedure
    creates a new instance of a CA with the new key, the name constraint
    implies the need for a new Subject name for the CA with the new key.)
    In such cases the entity SHOULD continue to use the same repository
    publication point for both CA instances during the key rollover,
    ensuring that the value of the AIA extension in indirect subordinate
    objects that refer to the certificates issued by this CA remain valid
    across the key rollover, and that the re-issuance of subordinate
    certificates in a key rollover is limited to the collection of
    immediate subordinate products of this CA.  In such cases the
    repository publication point will contain the CRL, manifest and
    subordinate certificates of both CA instances.

says that in times of CA key rollover, the publication point directory 
should contain two manifests and all the files from both manifests.  So 
neither manifest contains all the files names in the directory.

--Sandy, speaking as wg chair



>
> T.
>
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr
>