Re: [sidr] RPKI and private keys (was RE: Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)))

Rob Austein <sra@hactrn.net> Fri, 11 May 2012 02:54 UTC

At Fri, 04 May 2012 17:33:43 -1000, Randy Bush wrote:
> 
> > Might it be possible to create the key pair on the router?
> > Then you don't have to move the private key to the router,
> > You move the public key off the router. Much easier.
> 
> draft-ymbk-bgpsec-rtr-rekeying-00.txt, section 3. Router-Generated Keys

Which notes that a (the?) main reason for even considering anything
other than router-generated keys is that router-generated keys are
somewhat problematic in hot swap scenarios.  After thinking about this
a bit, I'm not sure I really believe in the hot swap issue as
described.  Do we really care which router key is used to sign, so
long as the router key in question is certified properly so that
relying parties can verify the binding between key and signing AS?

So I suspect one could make the router-generated model work well.  One
just has to plan for it (certify router keys from both the live and
hot spare routers) or accept that there will be some cut-over time if
one fails to plan (or if one's plans fail...).
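
An added illustration of the router-generated model discussed above (not part of the original message, the draft, or any router implementation): each router generates its own key pair and exports only a certificate request, and a relying party accepts a signature from whichever router holds a certified key. All names are constructed, AS64496 is a documentation ASN, a throwaway CA stands in for the AS holder's RPKI CA, and the AS is carried in the subject CN rather than in an RFC 3779 extension.

```shell
#!/bin/sh
# Added illustration with constructed names; AS64496 is a documentation ASN.
# Simplification: the AS sits in the subject CN, not in an RFC 3779 extension.
set -eu
WORK=$(mktemp -d)

# Throwaway CA standing in for the AS holder's RPKI CA certificate.
make_ca() {
    openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/ca.key" 2>/dev/null
    openssl req -x509 -new -key "$WORK/ca.key" -subj "/CN=AS64496-CA" \
        -days 30 -out "$WORK/ca.crt" 2>/dev/null
}

# Runs "on the router": the key is generated locally; only the CSR leaves.
router_keygen() {  # $1 = router name
    mkdir -p "$WORK/$1"
    openssl ecparam -name prime256v1 -genkey -noout -out "$WORK/$1/priv.key" 2>/dev/null
    openssl req -new -key "$WORK/$1/priv.key" -subj "/CN=ROUTER-AS64496-$1" \
        -out "$WORK/$1.csr" 2>/dev/null
}

# Runs at the CA: it handles the CSR (public key plus self-signature) only.
certify() {  # $1 = router name
    openssl req -in "$WORK/$1.csr" -verify -noout >/dev/null 2>&1
    openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
        -CAcreateserial -days 30 -out "$WORK/$1.crt" 2>/dev/null
}

router_sign() {  # $1 = router name, $2 = file to sign
    openssl dgst -sha256 -sign "$WORK/$1/priv.key" -out "$WORK/$1.sig" "$2"
}

# Relying party: accept if the cert chains to the CA and the signature verifies.
rp_accepts() {  # $1 = router name, $2 = signed file
    openssl verify -CAfile "$WORK/ca.crt" "$WORK/$1.crt" >/dev/null 2>&1 || return 1
    openssl x509 -in "$WORK/$1.crt" -pubkey -noout > "$WORK/$1.pub" 2>/dev/null || return 1
    openssl dgst -sha256 -verify "$WORK/$1.pub" -signature "$WORK/$1.sig" "$2" >/dev/null 2>&1
}

make_ca
printf 'constructed update: 192.0.2.0/24 via AS64496\n' > "$WORK/update.txt"
for r in live spare; do router_keygen "$r"; router_sign "$r" "$WORK/update.txt"; done
certify live      # only the live router's key was planned for
```

Until `certify spare` is run, `rp_accepts spare` fails even though the spare signed the same data; once the spare's key is certified too, either router's signature is accepted without any private key having left its router.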