Re: [sidr] RPKI: Are relying parties really supposed to validate DER encoding?

Russ Housley <housley@vigilsec.com> Thu, 10 January 2019 22:39 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 851241312B8 for <sidr@ietfa.amsl.com>; Thu, 10 Jan 2019 14:39:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l6cCzaLZjG8r for <sidr@ietfa.amsl.com>; Thu, 10 Jan 2019 14:39:03 -0800 (PST)
Received: from mail.smeinc.net (mail.smeinc.net [209.135.209.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 297D91312B1 for <sidr@ietf.org>; Thu, 10 Jan 2019 14:39:03 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.smeinc.net (Postfix) with ESMTP id 83DD9300546 for <sidr@ietf.org>; Thu, 10 Jan 2019 17:20:45 -0500 (EST)
X-Virus-Scanned: amavisd-new at mail.smeinc.net
Received: from mail.smeinc.net ([127.0.0.1]) by localhost (mail.smeinc.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id TcMc8oEO59D7 for <sidr@ietf.org>; Thu, 10 Jan 2019 17:20:44 -0500 (EST)
Received: from a860b60074bd.fios-router.home (pool-108-45-137-105.washdc.fios.verizon.net [108.45.137.105]) by mail.smeinc.net (Postfix) with ESMTPSA id 2368A300064; Thu, 10 Jan 2019 17:20:44 -0500 (EST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <CAA0dE=X-hjb8UY6Gm_QJP+Vwqp5d8ho6rjYxZ4vSVF9SctAN_g@mail.gmail.com>
Date: Thu, 10 Jan 2019 17:39:00 -0500
Cc: IETF SIDR <sidr@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <C6527D42-1457-4F51-A345-4242B78E3535@vigilsec.com>
References: <CAA0dE=X-hjb8UY6Gm_QJP+Vwqp5d8ho6rjYxZ4vSVF9SctAN_g@mail.gmail.com>
To: Alberto Leiva <ydahhrk@gmail.com>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/n8cq2UFxfEuID4MQogpKDdKUQz4>
Subject: Re: [sidr] RPKI: Are relying parties really supposed to validate DER encoding?
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jan 2019 22:39:06 -0000

See the Section on DER encoding at https://en.wikipedia.org/wiki/X.690.

> On Jan 10, 2019, at 5:26 PM, Alberto Leiva <ydahhrk@gmail.com>; wrote:
> 
> Hello.
> 
> I have a question:
> 
> RFC 6488 section 3.1.l (https://tools.ietf.org/html/rfc6488#section-3)
> wants relying parties (RPs) to validate that all RPKI signed objects
> are DER-encoded, which (I think) means that they must be BER-encoded
> with minimal and unique representations.
> 
> But I have found at least one other requirement that seems to
> contradict this: RFC 6482 section 3.3, fourth paragraph, second half,
> claims that a ROA (which is a signed object) is allowed to contain
> redundant ROAIPAddress elements.
> 
> Furthermore, RFC 3779 (which is meaningfully referenced by the ROA and
> RPKI certificate (6487) RFCs) states the following:
> 
>   relying parties do
>   not need to sort the information, or to implement extra code in the
>   subset checking algorithms to handle several boundary cases
>   (adjacent, overlapping, or subsumed ranges).
> 
> Which seems to be paraphraseable as "RPs can parse signed objects as
> if they were BER-encoded, without worrying about DER."
> 
> In fact, my reading of it is that the entirety of RFC 3779 seems to be
> of the mind that IP and AS extension writers are intended to strictly
> adhere to DER specifically for the sake of simplifying the task of
> RPs. RFC 6488, on the other hand, wants both to be strict.
> 
> So what's the consensus?
> 
> _______________________________________________
> sidr mailing list
> sidr@ietf.org
> https://www.ietf.org/mailman/listinfo/sidr