Re: [sidr] Poll: WG acceptance of draft-ymbk-rpki-grandparenting-02

Byron Ellacott <bje@apnic.net> Thu, 13 December 2012 02:55 UTC

From: Byron Ellacott <bje@apnic.net>
To: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Thu, 13 Dec 2012 02:55:20 +0000
Cc: sidr wg <sidr@ietf.org>
Subject: Re: [sidr] Poll: WG acceptance of draft-ymbk-rpki-grandparenting-02

Hi Alexey & WG,

On 13/12/2012, at 5:56 AM, Alexey Melnikov <alexey.melnikov@isode.com> wrote:

> 1) Is the problem described/solved by draft-ymbk-rpki-grandparenting-02 actually a problem that the WG needs to address? (Answer: yes or no. Additional information is welcomed, but I don't want people to repeat the whole discussion.)

No (with a 'but' under q.2).

The draft itself points out why the problem does not need to be addressed by the WG: "Managing RPKI data in such relationships is simple, but should be done carefully."  RPKI reflects records of current INR holdings.  If a CA recognises that INR holdings have changed, they may issue certificates to reflect that.  If they do not recognise changed INR holdings, they may not issue certificates (RFC 6484 4.2.2.)  Thus, if there is a business practice to recognise grandchildren's rights to use resources, the RPKI can already match that practice.

IOW, there IS a problem, but it's not one for a technical working group to resolve, it's one for bilateral business relationships to resolve.

Hopefully that falls under 'additional information' rather than 'repeating the whole discussion'. :-)

> 2) If you answered "yes" to the question #1, please also answer the following question:
> 
> Is draft-ymbk-rpki-grandparenting-02 a reasonable starting point to become a WG document? Please choose one of the following:
> 
> a) Ready for Adoption (whether or not you have some specific issues with it. Also, this answer is unrelated to whether this should be a separate draft or a part of an existing draft).
> 
> b) Needs more work BEFORE Adoption
> 
> c) Should not be adopted. In particular this means that you don't believe any amount of work on the proposed draft will address your issues. So any solution to this problem should be a new draft written from scratch.
> 
> d) Abstain/don't care

(c)

While I answered 'No' for (1), recognising the "carefully" part above may allow for a draft describing where in their CPS a CA can provide assurance to both children and grandchildren that they will act responsibly around these relationships, such as grace periods on revocation.  It would be possible to convert the current draft to do that, but the amount of change would make that effectively a new draft, I think.

> 3) If you answered "a" or "b" above, please also answer the following question:
> 
> Does this need to be in a standalone draft, or can it be incorporated into another existing WG draft? When answering this question please only base your answer on technical reasons, in particular please leave the decision on who is going to edit the document (if it is standalone) to WG chairs.

n/a

Thanks,
  Byron