IETF Logo Mail Archive

[sidr] RPKI and private keys (was RE: Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)))

"Murphy, Sandra" <Sandra.Murphy@sparta.com> Fri, 04 May 2012 22:24 UTC

Return-Path: <Sandra.Murphy@sparta.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A359721F84D8 for <sidr@ietfa.amsl.com>; Fri, 4 May 2012 15:24:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.393
X-Spam-Level:
X-Spam-Status: No, score=-102.393 tagged_above=-999 required=5 tests=[AWL=-0.394, BAYES_00=-2.599, J_CHICKENPOX_45=0.6, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YMzj3hHT2FUx for <sidr@ietfa.amsl.com>; Fri, 4 May 2012 15:24:10 -0700 (PDT)
Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 987E321F84D0 for <sidr@ietf.org>; Fri, 4 May 2012 15:24:09 -0700 (PDT)
Received: from Beta5.sparta.com (beta5.sparta.com [157.185.63.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id q44MO76r012716; Fri, 4 May 2012 17:24:07 -0500
Received: from Hermes.columbia.ads.sparta.com ([157.185.80.107]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id q44MO7J0003263; Fri, 4 May 2012 17:24:07 -0500
Received: from HERMES.columbia.ads.sparta.com ([2002:9db9:506b::9db9:506b]) by Hermes.columbia.ads.sparta.com ([::1]) with mapi id 14.01.0355.002; Fri, 4 May 2012 18:24:06 -0400
From: "Murphy, Sandra" <Sandra.Murphy@sparta.com>
To: Danny McPherson <danny@tcb.net>, Christopher Morrow <morrowc.lists@gmail.com>
Thread-Topic: RPKI and private keys (was RE: [sidr] Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)))
Thread-Index: AQHNKkSJz7TI33mXqEag9uIgDcAF1w==
Date: Fri, 04 May 2012 22:24:05 +0000
Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F60F707BE6@Hermes.columbia.ads.sparta.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.185.63.118]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: sidr wg <sidr@ietf.org>, "sidr-chairs@tools.ietf.org" <sidr-chairs@tools.ietf.org>, "sidr-ads@tools.ietf.org" <sidr-ads@tools.ietf.org>
Subject: [sidr] RPKI and private keys (was RE: Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)))
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 May 2012 22:24:10 -0000

still speaking as regular ol' member

Looking back, I do not see a reply from Danny to my question below.

But the subsequent conversation reads to me like "onboard .. signing certificates" means getting the private keys routers would use for signing into the routers.

Because the below implies that the "signing certificates", i.e., private keys, would be "from the RPKI", I figure I'd better speak up.  Just in case someone actually thought that was being suggested.

Communicating the router's private keys in the RPKI would be a bad idea.

First, of course, is the confidentiality concern.  Private keys are supposed to be protected from exposure.  Creating RPKI objects where they would be protected from exposure would be hard.

Furthermore, the private keys used in the routers are strictly a local concern.  There is no need to communicate them globally.  So publishing them in the RPKI at all, even if protected, would be a poor choice.

I do not know that anyone plans to use the rpki-rtr protocol to get private keys to the router.

--Sandy, speaking as regular ol' member

________________________________________
From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Murphy, Sandra [Sandra.Murphy@sparta.com]
Sent: Wednesday, April 11, 2012 1:28 PM
To: Danny McPherson; Christopher Morrow
Cc: sidr-ads@tools.ietf.org; sidr-chairs@tools.ietf.org; sidr wg
Subject: Re: [sidr] Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)

speaking as regular ol' member

On Tuesday, April 10, 2012 9:15 PM, Danny McPherson [danny@tcb.net] said:

>From there, we can discuss the issue of, for example, HOW TO onboard
>and purge signing and validating certificates to routers from the RPKI --
>[I suspect the intention was to use rpki-rtr protocol for this, but it doesn't
>currently support it, nor are the security implications clear].

I can not  understand your comment.  What do you mean by "signing certificates"?

I can guess that "validating certificates" means the certs carrying public keys used to validate signatures, but the "signing certificates" part has me stumped.

--Sandy


________________________________________
From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Danny McPherson [danny@tcb.net]
Sent: Tuesday, April 10, 2012 9:15 PM
To: Christopher Morrow
Cc: sidr wg; sidr-chairs@tools.ietf.org; sidr-ads@tools.ietf.org
Subject: Re: [sidr] Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)

On Apr 10, 2012, at 8:56 PM, Christopher Morrow wrote:

> yes, my goal was to have updated the wiki today at the office, work
> intruded... tomorrow I'll do that with some more content for each
> item, and hopefully better coordinates as well for the location.

Thanks.

>> Also, are we collecting requirements for these (e.g., object scale, RPs, etc..)?  Basing these discussions on requirements that exist somewhere already?  Or simply discussing solutions that have already been developed and deployment experience?  If the latter, then we can we ensure we reference and prepare to discuss what requirements drive to the development of those solutions?
>>
>
> I think the only bit in the 3 that has a current 'requirements'
> discussion is the 'freshness' (item 2). The first item 'deployment
> discussion' is really a discussion of:
>  "Should there be some document that describes the top N (3?)
> deployment scenarios && where should that document/presentation/etc
> live?" (I suppose implicit in that is 'requirements for format,
> content, intended audience')

I was thinking more simply along the lines of "a fully deployed RPKI today would have o objects and r RPs a c churn and we ought to ensure our designs accommodate that" -- only then can we have a reasonable discussion on, e.g., data freshness?  What have we based these design goals on thus far - do we have a stable reference for this?

>From there, we can discuss the issue of, for example, HOW TO onboard and purge signing and validating certificates to routers from the RPKI -- [I suspect the intention was to use rpki-rtr protocol for this, but it doesn't currently support it, nor are the security implications clear].

Only when we get to that point will we really begin to understand the dynamics of RPKI and it's employment for secure routing (well beyond "authorized" origin policy configuration), and the impact of rate+state in both the RPKI and it's effectuating in the routing system, and perhaps most importantly, the inter-dependencies between the two (even basic stuff like the rate of updates from an RPKI cache to a router in a fully loaded system given today's RPKI object counts).

>> Also, it looks to me like we're in dire need of a charter update...
>
> for which? (I didn't think that any of the 3 items was actually
> outside of the current charter)

I meant the goals and milestones, apologies for not being clear.

-danny
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr

v2.30.2 | Report a Bug | By Email | System Status