Re: [sidr] draft-ietf-sidr-repos-struct to Standards Track
Terry Manderson <terry.manderson@icann.org> Tue, 19 July 2011 12:51 UTC
Return-Path: <terry.manderson@icann.org>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB3E721F854C for <sidr@ietfa.amsl.com>; Tue, 19 Jul 2011 05:51:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.535
X-Spam-Level:
X-Spam-Status: No, score=-106.535 tagged_above=-999 required=5 tests=[AWL=0.063, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H6xRhZ+IcC+O for <sidr@ietfa.amsl.com>; Tue, 19 Jul 2011 05:51:53 -0700 (PDT)
Received: from EXPFE100-2.exc.icann.org (expfe100-2.exc.icann.org [64.78.22.237]) by ietfa.amsl.com (Postfix) with ESMTP id 5583821F851F for <sidr@ietf.org>; Tue, 19 Jul 2011 05:51:53 -0700 (PDT)
Received: from EXVPMBX100-1.exc.icann.org ([64.78.22.232]) by EXPFE100-2.exc.icann.org ([64.78.22.237]) with mapi; Tue, 19 Jul 2011 05:51:52 -0700
From: Terry Manderson <terry.manderson@icann.org>
To: Randy Bush <randy@psg.com>
Date: Tue, 19 Jul 2011 05:51:50 -0700
Thread-Topic: [sidr] draft-ietf-sidr-repos-struct to Standards Track
Thread-Index: AcxGBU0CyMKBu47zQmiYld9ZLl+qowADVNRv
Message-ID: <CA4BBB06.17F28%terry.manderson@icann.org>
In-Reply-To: <m239i2pllp.wl%randy@psg.com>
Accept-Language: en-US
Content-Language: en
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "draft-ietf-sidr-repos-struct@tools.ietf.org" <draft-ietf-sidr-repos-struct@tools.ietf.org>, sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] draft-ietf-sidr-repos-struct to Standards Track
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jul 2011 12:51:53 -0000
On 19/07/11 9:15 PM, "Randy Bush" <randy@psg.com> wrote: >> I think there is an easier way, as already suggested. Add the object >> type to the manifest in FileandHash. >> >> 1) the rescert points to the publication point and manifest >> 2) the manifest is mandatory >> 3) the manifest is signed >> 4) the manifest is nicely(?) readable ASN.1 > > so move the deck chairs from coding the type in a directory maintained > by the operating system to one the spec and the programmers write and > maintain? big win there, eh? The win is to eliminate a threat that has already been identified on the list. Is that not worthwhile? Perhaps consider it from a view of security requirement, than coding ease. > >> Really its a much nicer and more robust solution than either throwing the >> entire structure out or using filename extensions to 'mandate' file/object >> content. > > we've a long tradition of using the file name extensions, formalities > for registering them, ... do we really need to reinvent the wheel? > where is the win? > In the case of a repository system that may over time represent some worth, and looking at this from a point of eventually operating such a repository high up in the tree I have a concern of injecting 2 more paragraphs of text into a organisational risk analysis that could raise eyebrows given a simple solution to an identified threat has been proposed. I can tell now I'll be answering "What the!?!" type questions from people with significantly more influence than I for weeks, if not months. :( >>> i suspect no one else wants to go there, at least no one with code in >>> the game. >> Really... that is a shame. I always thought that coders wanted to make >> their code less susceptible to adverse external influence. > > luckily for me, i do not have to think. they already supported the move > from bcp to ps on this very list. And I can only hope they rethink their position. > > for this to be changed now is not impossible. it just needs some really > solid reasoning and really solid documentation of how and why it should > be changed. > So both Steve and Rob identified that mapping is required to remove a mini DoS threat (and I'm fine with that). Geoff and I have the belief that a mapping based on the extension exposes a CA/Repository related threat given the objects are supposed to be secure in nature. The suggestion of adding the mapping/type into the Manifest (while awkward in ietf processing) gives both the mapping result, and removes the CA/Repository threat identified. What other documentation are you looking for? If it helps, I can also propose the ASN.1 substitution for the manifest and the necessary paragraph for the IANA considerations section. Cheers Terry
- [sidr] draft-ietf-sidr-repos-struct to Standards … Stewart Bryant
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Geoff Huston
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Rob Austein
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Geoff Huston
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Rob Austein
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Geoff Huston
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Geoff Huston
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Randy Bush
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Randy Bush
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Tim Bruijnzeels
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Randy Bush
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Randy Bush
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Rob Austein
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Tim Bruijnzeels
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Randy Bush
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Randy Bush
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Sandra Murphy
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Rob Austein
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Andrew Chi
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Terry Manderson
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… t.petch
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… Stephen Kent
- Re: [sidr] draft-ietf-sidr-repos-struct to Standa… t.petch
- [sidr] draft-ietf-sidr-repos-struct - Track Stewart Bryant