IETF Logo Mail Archive

Re: [sidr] Terry Manderson's Discuss on draft-ietf-sidr-rpsl-sig-11: (with DISCUSS and COMMENT)

Tim Bruijnzeels <tim@ripe.net> Fri, 20 May 2016 14:18 UTC

Return-Path: <tim@ripe.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CF1D12D9A8; Fri, 20 May 2016 07:18:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.326
X-Spam-Level:
X-Spam-Status: No, score=-8.326 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.426] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ux95hNTMyeo5; Fri, 20 May 2016 07:18:26 -0700 (PDT)
Received: from mahimahi.ripe.net (mahimahi.ripe.net [IPv6:2001:67c:2e8:11::c100:1372]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA27812D9A6; Fri, 20 May 2016 07:18:25 -0700 (PDT)
Received: from nene.ripe.net ([193.0.23.10]) by mahimahi.ripe.net with esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.84) (envelope-from <tim@ripe.net>) id 1b3lFt-0006vB-Fi; Fri, 20 May 2016 16:18:23 +0200
Received: from sslvpn.ripe.net ([193.0.20.230] helo=vpn-30.ripe.net) by nene.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from <tim@ripe.net>) id 1b3lFt-0000Ea-7b; Fri, 20 May 2016 16:18:21 +0200
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Content-Type: text/plain; charset="us-ascii"
From: Tim Bruijnzeels <tim@ripe.net>
In-Reply-To: <9e0601f1-92f7-105b-57c1-c95d2fad660c@ripe.net>
Date: Fri, 20 May 2016 16:18:19 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <C5142424-41C5-4BD0-8AFE-446E532B8E15@ripe.net>
References: <20160518033754.24796.52937.idtracker@ietfa.amsl.com> <f1770d7b-7a16-6bab-91f7-dd6e41bb60ff@innovationslab.net> <35AEF9F7-FFAD-470B-9D0D-1D7BE7C7FE90@ripe.net> <d4872829-f267-2297-0abc-4820bbde07ed@innovationslab.net> <CAKr6gn2dekUfo6EAORAnOck=U-FoFsXreZ43KDT3X8SBRWG3HA@mail.gmail.com> <9e0601f1-92f7-105b-57c1-c95d2fad660c@ripe.net>
To: Robert Kisteleki <robert@ripe.net>
X-Mailer: Apple Mail (2.3124)
X-ACL-Warn: Delaying message
X-RIPE-Spam-Level: --------
X-RIPE-Spam-Report: Spam Total Points: -8.1 points pts rule name description ---- ---------------------- ------------------------------------ -7.5 ALL_TRUSTED Passed through trusted hosts only via SMTP -1.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% [score: 0.5000]
X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a07197f349b0dd4566e318ff29e5a7ada2e00
Archived-At: <http://mailarchive.ietf.org/arch/msg/sidr/abwTvx0YgKF1mQDI_EKf6T5JHY4>
Cc: draft-ietf-sidr-rpsl-sig@ietf.org, "Sandra L. Murphy" <sandy@tislabs.com>, sidr-chairs@ietf.org, The IESG <iesg@ietf.org>, "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] Terry Manderson's Discuss on draft-ietf-sidr-rpsl-sig-11: (with DISCUSS and COMMENT)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 May 2016 14:18:29 -0000

Hi Robert, all,

> On 20 May 2016, at 13:32, Robert Kisteleki <robert@ripe.net> wrote:
> 
> Chiming it late...
> 
> On 2016-05-19 0:39, George Michaelson wrote:
>> I would rather the sigs were signed by ee certs which were in the
>> blob, than have to make an external reference and I would rather we
>> varied the compliance needs to remove a pointless external ref.
>> 
>> If there has to be a ref, I think making it mandated to a specific
>> scheme is over specifying, especially in a context where we might
>> begin to understand *where you get cryptographic materials from is
>> less important than proving who said them*.
>> 
>> Rsync is a bad fit. for the actual signing cert, Inline is better. It
>> can refer to whatever chain it likes.
>> 
>> -G
> 
> In the good ol' days a reference was put in because while the signature
> itself is relatively small, including the full EE cert would bloat the whole
> RPSL object to potentially multiple times its original size -- and for those
> who don't care about signatures this is a huge overhead. Furthermore, if one
> would reuse EE certs in multiple signatures (I don't see why that would be
> prohibited -- for example if I want to sign multiple objects at the same
> time), then this method makes even more sense.


Let me attempt a different angle. I think a more fundamental question is whether we would expect this EE certificate a) to appear in the normal RPKI repository as one of the signed products of a CA, and appear on the manifest - or b) to be an embedded certificate, or c) that it can be a detached EE certificate that lives elsewhere, but is validated against a signing CA cert and CRL that do live in the 'normal' RPKI repository.

Currently looking at the document it's not clear to me whether 'a' or 'c' is intended. My preference however is 'b'.

if a) in the normal RPKI

Then I think we should stick to rsync as it's currently required for all RPKI certificates. Even if using RRDP, we still have the rsync URIs as a hint in the XML so we can find the certificate.

If this is the way, then there are some amendments needed to profile and repository standards - as discussed in the thread - let me not repeat here. Currently deployed RPs *will* choke on this. So this option does not have my preference.

if b) embedded

I prefer this approach because it makes it easier to specify the certificate and define validation in the RPSL-SIG document, and it has no impact on RPKI deployment. If you like I can suggest text..

And if you want to multi-use and fate-share (indeed I think this is generally an easy way to shoot in one's own foot, and don't see optimisation by doing this), you can just embed the same certificate. As I stated in my response to George I am not convinced that the size is problematic. I think we can filter this if we must.

In response to Stephen's suggestion to use another attribute for the certificate: I prefer not to. The reason is that we would have to introduce two new optional attributes that need to appear in conjunction, and I believe this makes it unnecessarily difficult to implement RPSL object validation and attribute filtering. The value of the 'signature' attribute is well-defined and needs to be parsed anyway, so adding an element to contain the certificate does not seem problematic to me.


if c) third location

I believe this is the worst option. Having random third locations to retrieve the EE certificates over http(s) or rsync, different from the RPKI repository itself and from where the RPSL objects are retrieved introduces a lot of overhead for both RPs and publishers, and introduces a potential for failure to retrieve.


> Then the whole back-and-forth started about whether it should be rsync or
> http(s) and now perhaps it's neither. It feels like we're going around in
> circles here :)

Yep, you have my sympathy and I am sorry for not engaging more actively earlier.

We found this and the concerns raised by Tom when we worked on an inter-operating proof of concept implementation recently. On a positive note, as a general concept we found this works. It's really about where to find EE cert, and how to relate it to a CA certificate and CRL in the existing RPKI.



> 
> Robert
> 
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr

v2.23.0 | Report a Bug | By Email