Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profiles
Chris Morrow <morrowc@ops-netman.net> Thu, 03 May 2012 14:14 UTC
Return-Path: <morrowc@ops-netman.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 922D921F85FF; Thu, 3 May 2012 07:14:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.3
X-Spam-Level:
X-Spam-Status: No, score=-2.3 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_15=0.6, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AipxCa9FnjZD; Thu, 3 May 2012 07:14:20 -0700 (PDT)
Received: from mailserver.ops-netman.net (mailserver.ops-netman.net [IPv6:2001:470:e495:fade:5054:ff:fe79:69db]) by ietfa.amsl.com (Postfix) with ESMTP id D7A6C21F8601; Thu, 3 May 2012 07:14:19 -0700 (PDT)
Received: from donkey.her.corp.google.com (unknown [IPv6:2620:0:100a:0:baac:6fff:fe92:fb7a]) (Authenticated sender: morrowc@OPS-NETMAN.NET) by mailserver.ops-netman.net (Postfix) with ESMTPSA id 2FDC0320086; Thu, 3 May 2012 14:14:12 +0000 (UTC)
Message-ID: <4FA292AF.2040901@ops-netman.net>
Date: Thu, 03 May 2012 10:14:07 -0400
From: Chris Morrow <morrowc@ops-netman.net>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: "t.petch" <ietfc@btconnect.com>
References: <CAL9jLaZ6y7TAGx844e65ReJsaUFW5sOGNKKMUth3G4VMZV8Z8g@mail.gmail.com> <00d501cd2902$7a53d440$4001a8c0@gateway.2wire.net>
In-Reply-To: <00d501cd2902$7a53d440$4001a8c0@gateway.2wire.net>
X-Enigmail-Version: 1.4.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: sidr-chairs@ietf.org, "sidr-ads@tools.ietf.org" <sidr-ads@tools.ietf.org>, sidr@ietf.org
Subject: Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profiles
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 May 2012 14:14:20 -0000
On 05/03/2012 03:57 AM, t.petch wrote: > A question arising from my ignorance. > > How do values in the security arc get assigned? Not IANA since there are no > IANA considerations, but how then? good question... the below are asn.1 things, quickly searching around isn't helping me out much either :( Russ, any idea how this happens in practice? 'lick finger, test wind, guess number' seems like the wrong method... > > On the IANA profiles web page I can see > (1.3.6.1.5.5.4) > and > (1.3.6.1.5.5.8) > but no 1.3.6.1.5.5.7, just a reference to Russ. > > > Tom Petch > > ----- Original Message ----- > From: "Christopher Morrow" <morrowc.lists@gmail.com> > To: <sidr@ietf.org>; <sidr-chairs@ietf.org> > Sent: Friday, April 13, 2012 10:16 PM > > Helo WG peoples, > The following update posted today. Sean and Tom have come to agreement > on their differences, I believe this closes the last open items on > this document. > > Let's start a WGLC for this, ending: 4/27/2012 or 27/4/2012 > > Thanks! > -Chris > <co-chair> > > On Fri, Apr 13, 2012 at 3:03 PM, <internet-drafts@ietf.org> wrote: >> >> A New Internet-Draft is available from the on-line Internet-Drafts > directories. This draft is a work item of the Secure Inter-Domain Routing > Working Group of the IETF. >> >> Title : A Profile for BGPSEC Router Certificates, Certificate Revocation > Lists, and Certification Requests >> Author(s) : Mark Reynolds >> Sean Turner >> Steve Kent >> Filename : draft-ietf-sidr-bgpsec-pki-profiles-03.txt >> Pages : 11 >> Date : 2012-04-13 >> >> This document defines a standard profile for X.509 certificates for >> the purposes of supporting validation of Autonomous System (AS) paths >> in the Border Gateway Protocol (BGP), as part of an extension to that >> protocol known as BGPSEC. BGP is a critical component for the proper >> operation of the Internet as a whole. The BGPSEC protocol is under >> development as a component to address the requirement to provide >> security for the BGP protocol. The goal of BGPSEC is to design a >> protocol for full AS path validation based on the use of strong >> cryptographic primitives. The end-entity (EE) certificates specified >> by this profile are issued under Resource Public Key Infrastructure >> (RPKI) Certification Authority (CA) certificates, containing the AS >> Identifier Delegation extension, to routers within the Autonomous >> System (AS). The certificate asserts that the router(s) holding the >> private key are authorized to send out secure route advertisements on >> behalf of the specified AS. This document also profiles the >> Certificate Revocation List (CRL), profiles the format of >> certification requests, and specifies Relying Party certificate path >> validation procedures. The document extends the RPKI; therefore, >> this documents updates the RPKI Resource Certificates Profile (RFC >> 6487). >> >> >> A URL for this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-ietf-sidr-bgpsec-pki-profiles-03.txt >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> This Internet-Draft can be retrieved at: >> ftp://ftp.ietf.org/internet-drafts/draft-ietf-sidr-bgpsec-pki-profiles-03.txt >> >> _______________________________________________ >> sidr mailing list >> sidr@ietf.org >> https://www.ietf.org/mailman/listinfo/sidr > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr >
- [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profiles Christopher Morrow
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Brian Dickson
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… t.petch
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Chris Morrow
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Matt Lepinski
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Sean Turner
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Murphy, Sandra
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Stephen Kent
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Randy Bush
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Warren Kumari
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Sean Turner
- Re: [sidr] WGLC: draft-ietf-sidr-bgpsec-pki-profi… Warren Kumari