Re: [sidr] Current document status && directionz

"Roque Gagliano (rogaglia)" <rogaglia@cisco.com> Tue, 06 September 2016 21:51 UTC

Return-Path: <rogaglia@cisco.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39CBF12B1A9; Tue, 6 Sep 2016 14:51:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -16.029
X-Spam-Level:
X-Spam-Status: No, score=-16.029 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EcP0KthQ_PXX; Tue, 6 Sep 2016 14:51:22 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B74EC12B0DA; Tue, 6 Sep 2016 14:51:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=3719; q=dns/txt; s=iport; t=1473198681; x=1474408281; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=iL59kMwGQTx7F9yu1+mZnV64Q7mfJLw5DY6HRtcRWkI=; b=ac/e3u9H1TBtxiMGWne2EnDC9Mq92Gc6uxESfkALUNTMmFpAHDPAp7L5 lWXtN9xmse3jrDYOLgfQvTf/NGqveuZb1UY4EgqaDqIgNhOoLVvKzS+Gg H9IZPgWesNaJ/yNpnlH+ui01RghmBCu9zQgjnxQwv0FdBJ03Up9qyGgPi 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CPAQDsOM9X/4UNJK1dGgEBAQECAQEBA?= =?us-ascii?q?YMtAQEBAQEeV3wHjSeeU4w1ggIZC4V4AoFhOBQBAgEBAQEBAQFeJ4RiAQEEAQE?= =?us-ascii?q?BGlELEAIBCBguIQYLJQIEAQ0FG4gVAxcOuHwNgwwBAQEBAQEBAQEBAQEBAQEBA?= =?us-ascii?q?QEBAQEXBYYvhE6CQ4FPEQEGFoU/HQWZHzQBhiCGPoJXj1mIQoQKg3kBHjaER3C?= =?us-ascii?q?EEQ0XB4ECfwEBAQ?=
X-IronPort-AV: E=Sophos;i="5.30,293,1470700800"; d="scan'208";a="148916048"
Received: from alln-core-11.cisco.com ([173.36.13.133]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 06 Sep 2016 21:51:20 +0000
Received: from XCH-RTP-012.cisco.com (xch-rtp-012.cisco.com [64.101.220.152]) by alln-core-11.cisco.com (8.14.5/8.14.5) with ESMTP id u86LpKrM002323 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 6 Sep 2016 21:51:20 GMT
Received: from xch-rtp-011.cisco.com (64.101.220.151) by XCH-RTP-012.cisco.com (64.101.220.152) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 6 Sep 2016 17:51:19 -0400
Received: from xch-rtp-011.cisco.com ([64.101.220.151]) by XCH-RTP-011.cisco.com ([64.101.220.151]) with mapi id 15.00.1210.000; Tue, 6 Sep 2016 17:51:19 -0400
From: "Roque Gagliano (rogaglia)" <rogaglia@cisco.com>
To: "Carlos M. Martinez" <carlosm3011@gmail.com>, Chris Morrow <morrowc@ops-netman.net>
Thread-Topic: [sidr] Current document status && directionz
Thread-Index: AQHSCIjNwDSafJV2ikaIhhAEiDU42Q==
Date: Tue, 6 Sep 2016 21:51:19 +0000
Message-ID: <D3F50594.57D21%rogaglia@cisco.com>
References: <yj9ooa46aumt.wl%morrowc@ops-netman.net> <AAE3F119-98A3-4618-BBFB-76F921316BD1@gmail.com> <349cb6ac-f4fe-29e5-b01f-3223b14e47de@gmail.com>
In-Reply-To: <349cb6ac-f4fe-29e5-b01f-3223b14e47de@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.7.160722
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.55.172.245]
Content-Type: text/plain; charset="Windows-1252"
Content-ID: <01FF0070F19F8149B54E82182B0E2D64@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/r7TY-x2HCgDRN84kDz32o8Y9mPk>
Cc: "sidr-ads@ietf.org" <sidr-ads@ietf.org>, "sidr-chairs@ietf.org" <sidr-chairs@ietf.org>, "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] Current document status && directionz
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidr/>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2016 21:51:23 -0000

Carlos,

I guess what the RIRs are going to do is to create a CA hierarchy:
RIR_CA_0/0_(probably a hidden HSM) ‹> RIR_CA_RIR_RESOURCES (online HSM) ‹>
member_CA

This means that not much changed from the current situation multiple
self-signed certs, other than instead of getting the list of resources for
each RIR from the first CA certificated, I need to fetch the second level
CA cert.

Is this how you plan to implement this change?

Regards,
Roque

‹ 
Roque Gagliano
Tail-f Solutions Architect Southern Europe
+41 76 449 8867





On 06/09/16 00:54, "sidr on behalf of Carlos M. Martinez"
<sidr-bounces@ietf.org on behalf of carlosm3011@gmail.com>; wrote:

>Here is the pointer to the document:
>
>https://tools.ietf.org/html/draft-rir-rpki-allres-ta-app-statement-01
>
>Apologies for my earlier laziness.
>
>On 9/5/2016 3:32 PM, Carlos M. Martinez wrote:
>> Hi Chris,
>> 
>> I know we already discussed this over private email, but perhaps you can
>> comment on the list on the future of the requested WG adoption call for
>> the Œall resources¹ applicability statement draft.
>> 
>> thanks!
>> 
>> -Carlos
>> 
>> On 2 Sep 2016, at 17:56, Chris Morrow wrote:
>> 
>>>
>>> Howdy SIDR peeps,
>>> (+bonus ops ad)
>>>
>>> Following on the Berlin meeting we were trying to accomplish two
>>> things:
>>>
>>>   1) get all documents related to sidr protocols into wglc and then
>>>   publication
>>>
>>>   2) get all documents which are more operationally focused moved
>>>   along to an ops group (sidr-ops or something akin to that)
>>>
>>> With that in mind there are 8 documents in the publication queue:
>>>   draft-ietf-sidr-as-migration
>>>   draft-ietf-sidr-bgpsec-algs
>>>   draft-ietf-sidr-bgpsec-ops
>>>   draft-ietf-sidr-bgpsec-overview
>>>   draft-ietf-sidr-bgpsec-pki-profiles
>>>   draft-ietf-sidr-bgpsec-protocol
>>>   draft-ietf-sidr-origin-validation-signaling
>>>   draft-ietf-sidr-rpki-rtr-rfc6810-bis
>>>
>>> and 11 still in progress. Of the 11 left Sandy and I think they
>>> roughly break down like:
>>>
>>> Documents which should move to the ops group:
>>>   draft-ietf-sidr-bgpsec-rollover
>>>   draft-ietf-sidr-lta-use-cases
>>>   draft-ietf-sidr-route-server-rpki-light - authors notified/queried
>>> about this
>>>   draft-ietf-sidr-rtr-keying
>>>
>>> documents which should finish out in sidr:
>>>   draft-ietf-sidr-delta-protocol
>>>   draft-ietf-sidr-publication
>>>   draft-ietf-sidr-rpki-oob-setup - pub request in flight
>>>   draft-ietf-sidr-rpki-tree-validation
>>>   draft-ietf-sidr-rpki-validation-reconsidered
>>>   draft-ietf-sidr-slurm - authors recently updated
>>>   draft-ietf-sidr-adverse-actions - wglc imminent
>>>
>>> I think if there's no meaningful discussion on change for these
>>> between now and 9/16/2016 (Sept 16th) we will assume this list is
>>> correct. For documents in the 'move' list, if progress to publication
>>> happens 'good!'. For all documents in the 'stays' list:
>>>   1) we aim to have wglc by Seoul
>>>   2) publication requests started on as many as possible
>>>
>>> We plan to meet in Seoul, but not in Chicago (Mar 2017) where we
>>> expect the ops group to exist and meet. We can progress documents in
>>> SIDR after Seoul, but the WG should close out shortly after the new
>>> year. (or that's the goal).
>>>
>>> Thoughts?
>>> -chris
>>>
>>> _______________________________________________
>>> sidr mailing list
>>> sidr@ietf.org
>>> https://www.ietf.org/mailman/listinfo/sidr
>
>_______________________________________________
>sidr mailing list
>sidr@ietf.org
>https://www.ietf.org/mailman/listinfo/sidr