Re: [sidr] Stephen Farrell's Discuss on draft-ietf-sidr-bgpsec-pki-profiles-19: (with DISCUSS and COMMENT)

Sean Turner <sean@sn3rd.com> Thu, 05 January 2017 00:40 UTC

To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidr/rLVF09IF-_Be-jaDlegxUViD3Pk>
Cc: Rob Austein <sra@hactrn.net>, Chris Morrow <morrowc@ops-netman.net>, sidr-chairs@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-sidr-bgpsec-pki-profiles@ietf.org, sidr@ietf.org

In my editor’s copy.

spt

> On Jan 4, 2017, at 19:19, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> Hiya,
> 
> Yep, I guess the text below is good enough.
> 
> Thanks,
> S.
> 
> On 04/01/17 23:56, Sean Turner wrote:
>>   Common name encoding options that are supported are
>>   printableString and UTF8String.  For BGPsec Router Certificates, it
>>   is RECOMMENDED that the common name attribute contain the literal
>>   string "ROUTER-" followed by the 32-bit AS Number [RFC3779] encoded
>>   as eight hexadecimal digits and that the serial number attribute
>>   contain the 32-bit BGP Identifier [RFC4271] (i.e., the router ID)
>>   encoded as eight hexadecimal digits.  If there is more than one AS
>>   number, the choice of which to include in the common name is at the
>>   discretion of the Issuer. If the same certificate is issued to more
>>   than one router (hence the private key is shared among these
>>   routers), the choice of the router ID used in this name is at the
>>   discretion of the Issuer.
>
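
The naming convention in the quoted draft text, as an added example that is not part of this thread or of the draft: it builds the recommended commonName and serialNumber values and strictly checks and decodes a subject received in a certificate. The function names are hypothetical; emitting uppercase hex, accepting either hex case when parsing, and showing the router ID as a dotted quad are assumptions, since the quoted text only says "eight hexadecimal digits".

```python
import ipaddress
import re

# Patterns for the RECOMMENDED subject attributes: exactly eight hex digits each.
CN_RE = re.compile(r"ROUTER-([0-9A-Fa-f]{8})")
SN_RE = re.compile(r"[0-9A-Fa-f]{8}")


def router_subject(asn: int, router_id: str) -> dict:
    """Build commonName/serialNumber for one AS number and one router ID."""
    if not 0 <= asn <= 0xFFFFFFFF:
        raise ValueError("AS number must fit in 32 bits")
    # The BGP Identifier is a 32-bit value, conventionally written as a dotted quad.
    rid = int(ipaddress.IPv4Address(router_id))
    return {"commonName": f"ROUTER-{asn:08X}", "serialNumber": f"{rid:08X}"}


def parse_router_subject(common_name: str, serial_number: str) -> tuple:
    """Return (asn, router_id) or raise ValueError if the convention is not met."""
    # fullmatch rejects trailing newlines and extra characters that '$' would let through.
    cn = CN_RE.fullmatch(common_name)
    if cn is None:
        raise ValueError("commonName is not 'ROUTER-' plus eight hex digits")
    if SN_RE.fullmatch(serial_number) is None:
        raise ValueError("serialNumber is not eight hex digits")
    asn = int(cn.group(1), 16)
    router_id = str(ipaddress.IPv4Address(int(serial_number, 16)))
    return asn, router_id


def conforms(common_name: str, serial_number: str) -> bool:
    """True when both attributes follow the recommended encoding."""
    try:
        parse_router_subject(common_name, serial_number)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample values: documentation ASN 64496 and address 192.0.2.1.
    subject = router_subject(64496, "192.0.2.1")
    print(subject)
    print(parse_router_subject(subject["commonName"], subject["serialNumber"]))
    print(conforms("ROUTER-FBF0", "C0000201"))  # ASN not zero-padded to 8 digits
```

Because the convention is only RECOMMENDED, a relying party should treat a non-conforming subject as something to log rather than as grounds for rejecting the certificate.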