Re: [sidr] draft-ietf-sidr-repos-struct to Standards Track

Stephen Kent <kent@bbn.com> Wed, 20 July 2011 15:35 UTC

>...
>
>I'm happy to see things tagged in a normative fashion, I just think putting
>the eggs into the filename/directory basket as a standards action is
>worrying.
>
>Cheers
>Terry

Since we're using basic file systems for the repository (e.g., vs.
LDAP), I think file names are an obvious candidate for labeling the
object types in an easy fashion, for an RP's initial processing.
Ultimately, an RP will check the OID for each object and verify the
signature on each object (for the critical, signed objects). But with
the file name extension we allow an RP to rely on that top level
declaration by a CA, and then see if that declaration holds up when
more detailed checks are made.

Steve
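
The two-stage check described in the message above, as an added example that is not part of the original message or of any RPKI implementation: the file-name extension is taken as the CA's declaration, and the eContentType OID inside the CMS object decides whether it holds. Assumptions: the `.roa`/`.mft` extensions and the OID values come from RFC 6481, RFC 6482 and RFC 6486 rather than from this thread, the function names are hypothetical, and the sample bytes are a constructed skeleton; signature verification is not shown.

```python
import os

# File-name label -> eContentType the signed object must carry. Assumption: values
# are from RFC 6481 (extensions) and RFC 6482/6486 (OIDs), not from this message.
EXPECTED_OID = {".roa": "1.2.840.113549.1.9.16.1.24",   # ROA
                ".mft": "1.2.840.113549.1.9.16.1.26"}   # manifest

def read_tlv(buf, pos):                      # -> (tag, value_start, value_end)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long-form DER length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:                     # last byte of this arc
            arcs, val = arcs + [val], 0
    return ".".join(map(str, arcs))

def econtent_type(der):
    """Walk ContentInfo -> [0] -> SignedData -> encapContentInfo -> eContentType."""
    _, pos, _ = read_tlv(der, 0)             # ContentInfo SEQUENCE
    _, a, b = read_tlv(der, pos)             # contentType
    if decode_oid(der[a:b]) != "1.2.840.113549.1.7.2":   # id-signedData
        raise ValueError("not CMS SignedData")
    _, pos, _ = read_tlv(der, b)             # [0] EXPLICIT wrapper
    _, pos, _ = read_tlv(der, pos)           # SignedData SEQUENCE
    _, _, pos = read_tlv(der, pos)           # skip version
    _, _, pos = read_tlv(der, pos)           # skip digestAlgorithms
    _, pos, _ = read_tlv(der, pos)           # encapContentInfo SEQUENCE
    _, a, b = read_tlv(der, pos)             # eContentType
    return decode_oid(der[a:b])

def check_declaration(filename, der):        # -> (ok, reason)
    ext = os.path.splitext(filename)[1].lower()
    try:
        actual = econtent_type(der)
    except (ValueError, IndexError) as exc:
        return False, f"unparseable object: {exc}"
    if EXPECTED_OID.get(ext) != actual:
        return False, f"{ext!r} declared but eContentType is {actual}"
    return True, "label holds; signature validation is still required"

# Constructed CMS skeleton (no certificates, no signature) with the ROA content type.
SAMPLE_ROA = bytes.fromhex("302306092a864886f70d010702a01630140201033100300d060b2a864886f70d0109100118")
```

A mismatch here means the object is rejected before any signature work is done; a match only means the label was honest, not that the object is valid.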