IETF Logo Mail Archive

Re: [sidr] I-D Action: draft-ietf-sidr-publication-09.txt

George Michaelson <ggm@algebras.org> Wed, 21 September 2016 22:46 UTC

Return-Path: <ggm@algebras.org>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9226E12BCD5 for <sidr@ietfa.amsl.com>; Wed, 21 Sep 2016 15:46:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=algebras-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qQUYeMJgGlue for <sidr@ietfa.amsl.com>; Wed, 21 Sep 2016 15:46:33 -0700 (PDT)
Received: from mail-vk0-x234.google.com (mail-vk0-x234.google.com [IPv6:2607:f8b0:400c:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE95812BA00 for <sidr@ietf.org>; Wed, 21 Sep 2016 15:46:32 -0700 (PDT)
Received: by mail-vk0-x234.google.com with SMTP id a63so2360317vke.3 for <sidr@ietf.org>; Wed, 21 Sep 2016 15:46:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=algebras-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=oQGCoGkGg2FVu4b8MAqtjfzdga5VV7DAcqBiQRknZjM=; b=qFy/tGkmOGSKi1/vjjALEmoTDqp/+LeeDB85GftFSE0H8V+slBbTxAayCIGIxDtUCV rEoAiClhd7KwXmJjp2r4b580rp/vrvAjJHIsLIc3+Wl5DdRdvkKYfXR5kvExQZIGZD/G BkuQtsptjh+YZDvnrTcOGfYlpSvzWm84CIgUzcBrU6pszx3WDzWJd1n1xaZyWwd8Kw8v nFdF/3QAEhj4M5VRkTKO53AGFqUtYna5EIpRZqj44gHhKWFvcyp01lstz+wgFwTf31KS YfvaSN52N4WPOWbYRxGSj9WMjxBr4MvUH09x9fKPaXjF5C5MgoSipbaVz7kypBPlPKhL Ej9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=oQGCoGkGg2FVu4b8MAqtjfzdga5VV7DAcqBiQRknZjM=; b=YgOPtPhqEQz0TxvGSPV53nyaljbBlhTPZfjlPI0YKd3Fkq4gO9sak6OrTOHvJvtxNg ZdTobEnOvnwdeD6JCCzaLJw3rZ3fg7oKhJZ0e60tU24CG3l4EnOK4vZep1dT91ttZXLG yDxVq15hAvIjOVdkGc3p15ZkCvgcBdFOBQwnlxpdt2KGkHVg/pKsM9SXsulnn4osQRkw 388/ps76K20S9F8wuh/1KDoJXDiZufiyy7N0nInnt4q2LRI5C4d8AOOQW+nIPsLSmNwe UwG3SmLpuyDtVGKfCh0Muc0FB/wq2PAm7G86040vxUgHO08S84aqACkwCQDKAZgMuRON J88Q==
X-Gm-Message-State: AE9vXwMJZg5IEoUOpdcYXOFK5QRAb+ubDaiHdb8Prd1MobHDwLwFcGwb3nuo9o1gOcc1XZJDYWqVCENMjA7iDQ==
X-Received: by 10.31.83.4 with SMTP id h4mr344711vkb.167.1474497992126; Wed, 21 Sep 2016 15:46:32 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.50.73 with HTTP; Wed, 21 Sep 2016 15:46:31 -0700 (PDT)
X-Originating-IP: [2001:dc0:a000:4:a1d6:5e2a:4f6f:e221]
In-Reply-To: <20160921224005.86F11424CD9C@minas-ithil.hactrn.net>
References: <147449680045.14534.6913652933105680578.idtracker@ietfa.amsl.com> <20160921224005.86F11424CD9C@minas-ithil.hactrn.net>
From: George Michaelson <ggm@algebras.org>
Date: Thu, 22 Sep 2016 08:46:31 +1000
Message-ID: <CAKr6gn1Oh8odAnsF9aYWOWTNHRDUfVGR=e_kRZ2dCkp8eskbuw@mail.gmail.com>
To: Rob Austein <sra@hactrn.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/WlJ70Qh36tR6Y5jkx_IFVPf8Ykk>
Cc: "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-publication-09.txt
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Sep 2016 22:46:34 -0000

This is a service protocol for people who are in a relationship about
RPKI objects, and want to commission and operate publication through
the parent who signs over them, and their products. The bPKI is not
RPKI, its discrete, and separate. So the intrusion of this protocol
into SIDR is about its consequence, not it, as a protocol itself. It
could be in a PKIX class generic WG. Meh. It doesn't matter, its here,
and we can move it.

It feels to me like its good-enough: it protects the payload, it
identifies each side, it is transactional (all-or-nothing) so the
partial failure consequences simply don't arise in a bulk operation:
either get it all right, or nothing changes.

Managing a bPKI is a nightmare all in itself. I like that this
discretely side-steps the question, because its really not material:
If you trust each other anyway because of outside process to use
certs, then this protocol lets a server-client pair talk and get a job
done.

Don't big the role up. Focus. This document is focussed and brief. That works.

Ship it.

PS my sense of 'why have repositories' is orthogonal to this question.
Given they exist, they need to be managed, and thats a service
function which should operate in an open specification. I will be
recommending operational people in APNIC to consider this for
implementation, if there is a driver for (re)publication through APNIC
to reduce repository count overall.

G

On Thu, Sep 22, 2016 at 8:40 AM, Rob Austein <sra@hactrn.net> wrote:
> Updated per request from WG chairs.  No changes to protocol syntax or
> semantics since version that went through WGLC.
>
> Other than refreshing the I-D (the old one-D was about to expire), the
> only change was a minor tweak to the RelaxNG schema, to better enforce
> syntactic constraints already present in the normative text.
>
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr

v2.35.0 | Report a Bug | By Email | System Status