Re: [sidr] WG adoption poll for draft-huston-rpki-validation-01

Terry Manderson <terry.manderson@icann.org> Wed, 30 April 2014 00:38 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/t262W8d3xig66ep4FFgG2WUYvV0

I think there is a discussion here that needs to occur. I'm not convinced
that this document is the complete embodiment of that which should be
adopted or it's the sole answer to the problem space.

However I do share the concerns that in the growing complexity of RPKI
certificate structures any incorrect construction of the 3779 extensions
affects all subordinate certificates, even if some other lineage of INRs
in that certificate chain is pristine throughout, thus impacting the IN
holder's / routing operator's attestations. My reading of this problem
statement reaches the conclusion that the impact on a route degrades the
security posture (invalid certificate hence invalid ROA) such that the
RP's decision should be interpreted as 'NotFound' (RFC6907/RFC6811).

Clearly a degradation of the security posture isn't ideal, and may cause
the litigious parts of the internet community to initiate action (clearly
not a desirable thing for any CA operator) as it allows any permutation of
routing attacks. But I also wonder if this is a facet of the tight binding
of the secure routing operations to the RPKI hierarchy and in the efforts
of reaching 'perfect' security attestations we have caused ourselves some
disservice in introducing unacceptable[1] levels of operational fragility.
 [[1] I'm quite sure this is subjective.]

Or perhaps (humour me for a minute) X.509 certificates might be the wrong
tool to use. When I consider a pure view of an X.509 certificate I view it
as "this certificate attests that all of its contents are 100% correct".
For me, changing that position is a slippery slope - I'm not allergic to
it but I want the hiking boots on all the same.

For me this is then conditional support, if the authors (and the WG) are
willing to think of this document as the germination of the discussion
(which I believe I saw in George's email), then I will support adoption.

Cheers
Terry


On 26/04/2014 2:05 am, "Sandra Murphy" <sandy@tislabs.com> wrote:

>The authors of draft-huston-rpki-validation-01.txt, RPKI Validation
>Reconsidered, have requested wg adoption.
>
>See http://tools.ietf.org/html/draft-huston-rpki-validation-01.
>
>Please do respond to the list as to whether you support the wg adopting
>this as a work item.  You do not need to comment on the content of this
>draft at this time.  You are asked to indicate if you think that this is
>work that the wg should be doing and whether this draft is an acceptable
>starting point.  Adding whether you can/will review or not is useful.
>
>Note that active support is required for adoption.  Silence is a vote
>against adoption.
>
>This adoption call will end on 9 May 2014.
>
>--Sandy, speaking as wg co-chair
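
The failure mode raised in the reply above, as an added example that is not part of the original message or of the draft: under strict RFC 3779 checking, one over-claimed prefix in a CA certificate invalidates a ROA for an unrelated, correctly delegated prefix, and RFC 6811 origin validation of that route falls back to NotFound. The certificate model (name plus prefix list, no signatures, AS resources or "inherit") and all names and sample prefixes are constructed assumptions.

```python
from ipaddress import ip_network

def nets(*prefixes):
    return [ip_network(p) for p in prefixes]

def covered(child, parent):
    """True if every child prefix lies inside some prefix held by the parent."""
    return all(any(c.version == p.version and c.subnet_of(p) for p in parent)
               for c in child)

def first_overclaim(chain):
    """Strict RFC 3779 check down a chain of (name, prefixes), trust anchor first.
    Returns the name of the first certificate claiming resources its issuer
    does not hold, or None if the whole chain is consistent."""
    for (_, parent), (name, child) in zip(chain, chain[1:]):
        if not covered(child, parent):
            return name
    return None

def vrps(chain, roa):
    """A ROA contributes a validated payload only if its entire chain validates."""
    return [] if first_overclaim(chain) else [roa]

def rov_state(route, origin, vrp_list):
    """RFC 6811 origin validation against (prefix, max_length, asn) payloads."""
    route = ip_network(route)
    covering = [(p, m, a) for p, m, a in vrp_list
                if route.version == p.version and route.subnet_of(p)]
    if not covering:
        return "NotFound"
    ok = any(a == origin and route.prefixlen <= m for _, m, a in covering)
    return "Valid" if ok else "Invalid"

# Constructed sample data (documentation prefixes and a documentation ASN).
ROA = (ip_network("192.0.2.0/24"), 24, 64496)
TA = ("TA", nets("192.0.2.0/24", "198.51.100.0/24"))
EE = ("EE", nets("192.0.2.0/24"))
GOOD = [TA, ("CA", nets("192.0.2.0/24")), EE]
# Same lineage for 192.0.2.0/24, but the CA also lists a prefix the TA lacks.
BAD = [TA, ("CA", nets("192.0.2.0/24", "203.0.113.0/24")), EE]

if __name__ == "__main__":
    for label, chain in (("consistent chain", GOOD), ("over-claiming CA", BAD)):
        state = rov_state("192.0.2.0/24", 64496, vrps(chain, ROA))
        print(f"{label}: first over-claim={first_overclaim(chain)}, route={state}")
```
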