[sidr] new version of adverse actions I-D
Stephen Kent <kent@bbn.com> Wed, 14 October 2015 13:00 UTC
Return-Path: <kent@bbn.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52C371A1EF1 for <sidr@ietfa.amsl.com>; Wed, 14 Oct 2015 06:00:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ypl71z2ypTYA for <sidr@ietfa.amsl.com>; Wed, 14 Oct 2015 06:00:04 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 762BC1A21B0 for <sidr@ietf.org>; Wed, 14 Oct 2015 06:00:04 -0700 (PDT)
Received: from ssh.bbn.com ([192.1.122.15]:42310 helo=COMSEC.fios-router.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1ZmLf0-000MTJ-T3 for sidr@ietf.org; Wed, 14 Oct 2015 09:00:03 -0400
To: sidr <sidr@ietf.org>
From: Stephen Kent <kent@bbn.com>
Message-ID: <561E51D2.2030909@bbn.com>
Date: Wed, 14 Oct 2015 09:00:02 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/ZyvhHVIGxvlA6akvt93CT2Vz55c>
Subject: [sidr] new version of adverse actions I-D
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Oct 2015 13:00:07 -0000
This version has two major changes: - it includes text that describes the impact of each of the adverse actions, in the context of each RPKI repository object type. This text was added in response to a request fro Andrei. - the subsections have been re-ordered to be uniform for each object type, to make it easier to see that every action is described for each object type. In the course of doing this we discovered that four descriptions were missing, which shows how helpful the re-ordering is ;-). Remember, the intent of this document is to enumerate the classes of problems that can arise in the RPKI due to an error by (or a successful attack against) a CA or repository manager. Concerns about full scale deployment of the RPKI have been raised based on informal discussion of these sorts of issues, but we felt that a more detailed, comprehensive analysis was needed. When the WG considers mechanisms that might address such problems, we ought to compare them against this enumeration (in its final form, based on WG feedback), to evaluate the extent to which the mechanisms address the full range of problems. https://datatracker.ietf.org/doc/draft-kent-sidr-adverse-actions/ WG feedback is solicited. Thanks, Steve
- [sidr] new version of adverse actions I-D Stephen Kent