Re: [sidr] I-D Action: draft-ietf-sidr-rpki-validation-reconsidered-07.txt

Tim Bruijnzeels <tim@ripe.net> Mon, 03 October 2016 12:02 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/c9dFeB2uGc4rmeqTsax2-Uj41hg>

Dear working group,

Following working group feedback from the session in Berlin, and on list, this new version now includes new OIDs to make the choice of validation algorithm explicit. The OIDs were not requested from IANA yet, because I first want to make sure that the text and structure as written is correct. This version also contains a suggested deployment timeline, essentially requiring RP software to support this within a reasonable timeframe, and allowing CAs to opt in to this algorithm.

We hope that this addresses the remaining concerns that were raised.

Kind regards

Tim Bruijnzeels




> On 03 Oct 2016, at 13:55, internet-drafts@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Secure Inter-Domain Routing of the IETF.
> 
>        Title           : RPKI Validation Reconsidered
>        Authors         : Geoff Huston
>                          George Michaelson
>                          Carlos M. Martinez
>                          Tim Bruijnzeels
>                          Andrew Lee Newton
>                          Daniel Shaw
>        Filename        : draft-ietf-sidr-rpki-validation-reconsidered-07.txt
>        Pages           : 21
>        Date            : 2016-10-03
> 
> Abstract:
>   This document proposes an update to the certificate validation
>   procedure specified in RFC 6487 that reduces aspects of operational
>   fragility in the management of certificates in the RPKI, while
>   retaining essential security features.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-validation-reconsidered/
> 
> There's also a htmlized version available at:
> https://tools.ietf.org/html/draft-ietf-sidr-rpki-validation-reconsidered-07
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-rpki-validation-reconsidered-07
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/