Re: [sidr] Last Call: <draft-ietf-sidr-rpki-validation-reconsidered-08.txt> (RPKI Validation Reconsidered) to Proposed Standard
"Alvaro Retana (aretana)" <aretana@cisco.com> Wed, 26 July 2017 21:12 UTC
Return-Path: <aretana@cisco.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7700131471; Wed, 26 Jul 2017 14:12:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.523
X-Spam-Level:
X-Spam-Status: No, score=-14.523 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hGXIgOT5m0rt; Wed, 26 Jul 2017 14:12:43 -0700 (PDT)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E9757131D14; Wed, 26 Jul 2017 14:12:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3026; q=dns/txt; s=iport; t=1501103557; x=1502313157; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=cvV8M+HomSm3S7VeKUpP/fMNxfuXvQPHfWZPSHzYsng=; b=hPXEVrzZ7P8rU0sgptZY8WIvikKsKtVmf4ryxF2x9gH0APq6IQ0YgLv6 pw+EAeTSokp3U6XlJbeq2EGVSBt5fkj5CCc+62clgFMMu0qvRblsIHGkR dMlm20GgXRgJr4pxVdiREL9XRhlD5Soq7MLJYKuQ4uNM3PYotjfNcIs8T c=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BlAQB0BXlZ/5xdJa1dGwEBAQMBAQEJAQEBg1pkbScHjgWnaw6CBC6FGQIagzU/GAECAQEBAQEBAWsdC4UZBiMROgsQAgEIGgIfBwICAjAUARACBA4Fii8QsSOCJotGAQEBAQEBAQEBAQEBAQEBAQEBAQEBGAWBC4Idg02BYSuCeYQ9NoMTMIIxBYcnkDGIAwKHTYcXhTyCDIVQil6VbwEfOIEKdxVbAYU4gU52hncrgQWBDgEBAQ
X-IronPort-AV: E=Sophos;i="5.40,416,1496102400"; d="scan'208";a="461204248"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by alln-iport-3.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Jul 2017 21:12:36 +0000
Received: from XCH-ALN-002.cisco.com (xch-aln-002.cisco.com [173.36.7.12]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id v6QLCaXk032608 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 26 Jul 2017 21:12:36 GMT
Received: from xch-aln-002.cisco.com (173.36.7.12) by XCH-ALN-002.cisco.com (173.36.7.12) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 26 Jul 2017 16:12:35 -0500
Received: from xch-aln-002.cisco.com ([173.36.7.12]) by XCH-ALN-002.cisco.com ([173.36.7.12]) with mapi id 15.00.1210.000; Wed, 26 Jul 2017 16:12:35 -0500
From: "Alvaro Retana (aretana)" <aretana@cisco.com>
To: "sidr@ietf.org" <sidr@ietf.org>
CC: "draft-ietf-sidr-rpki-validation-reconsidered@ietf.org" <draft-ietf-sidr-rpki-validation-reconsidered@ietf.org>, "morrowc@ops-netman.net" <morrowc@ops-netman.net>, "sidr-chairs@ietf.org" <sidr-chairs@ietf.org>
Thread-Topic: Last Call: <draft-ietf-sidr-rpki-validation-reconsidered-08.txt> (RPKI Validation Reconsidered) to Proposed Standard
Thread-Index: AQHTBkYBBykr1oUDM0WVW2Qz6POQOaJmrAQA
Date: Wed, 26 Jul 2017 21:12:35 +0000
Message-ID: <943AE76A-DF05-48F1-B0B1-44701ECD406D@cisco.com>
References: <150109758383.22932.4989139734698533154.idtracker@ietfa.amsl.com>
In-Reply-To: <150109758383.22932.4989139734698533154.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.22.0.170515
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.117.15.4]
Content-Type: text/plain; charset="utf-8"
Content-ID: <B468636B6AB02E44802A321F47477F66@emea.cisco.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/r0jqSdSJKXlsbKZc5-eXUSVKTmA>
Subject: Re: [sidr] Last Call: <draft-ietf-sidr-rpki-validation-reconsidered-08.txt> (RPKI Validation Reconsidered) to Proposed Standard
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jul 2017 21:12:46 -0000
Dear sidr WG: I want to call attention to this Last Call. The document has undergone significant editorial changes since the WGLC – none of which change the operation or other technical aspects. The changes are meant mainly to not obsolete the current procedures at this time. I have asked for an extended IETF Last Call (3 weeks instead of 2) to give the WG time to review. Thanks! Alvaro. On 7/26/17, 3:33 PM, "iesg-secretary@ietf.org on behalf of The IESG" <iesg-secretary@ietf.org> wrote: The IESG has received a request from the Secure Inter-Domain Routing WG (sidr) to consider the following document: - 'RPKI Validation Reconsidered' <draft-ietf-sidr-rpki-validation-reconsidered-08.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2017-08-15. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies an alternative to the certificate validation procedure specified in RFC 6487 that reduces aspects of operational fragility in the management of certificates in the RPKI, while retaining essential security features. The use of this updated procedure is signaled by form of a set of alternative Object Identifiers (OIDs) indicating that the alternative version of RFC 3779 X.509 Extensions for IP Addresses and AS Identifiers, and certificate policy for the Resource Public Key Infrastructure (RFC 6484) defined in this document should be used. Furthermore this document provides an alternative to ROA (RFC 6482), and BGPSec Router Certificate (BGPSec PKI Profiles - publication requested) validation. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-validation-reconsidered/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-validation-reconsidered/ballot/ No IPR declarations have been submitted directly on this I-D.
- [sidr] Last Call: <draft-ietf-sidr-rpki-validatio… The IESG
- Re: [sidr] Last Call: <draft-ietf-sidr-rpki-valid… Alvaro Retana (aretana)
- Re: [sidr] Last Call: <draft-ietf-sidr-rpki-valid… Randy Bush