IETF Logo Mail Archive

Re: [sidr] draft-ietf-sidr-repos-struct to Standards Track

Terry Manderson <terry.manderson@icann.org> Tue, 19 July 2011 20:40 UTC

Return-Path: <terry.manderson@icann.org>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C4A2121F8B3F for <sidr@ietfa.amsl.com>; Tue, 19 Jul 2011 13:40:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.539
X-Spam-Level:
X-Spam-Status: No, score=-106.539 tagged_above=-999 required=5 tests=[AWL=0.060, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O2YvT3OjqX-D for <sidr@ietfa.amsl.com>; Tue, 19 Jul 2011 13:40:50 -0700 (PDT)
Received: from EXPFE100-2.exc.icann.org (expfe100-2.exc.icann.org [64.78.22.237]) by ietfa.amsl.com (Postfix) with ESMTP id F2BE721F8B3E for <sidr@ietf.org>; Tue, 19 Jul 2011 13:40:49 -0700 (PDT)
Received: from EXVPMBX100-1.exc.icann.org ([64.78.22.232]) by EXPFE100-2.exc.icann.org ([64.78.22.237]) with mapi; Tue, 19 Jul 2011 13:40:49 -0700
From: Terry Manderson <terry.manderson@icann.org>
To: Rob Austein <sra@isc.org>
Date: Tue, 19 Jul 2011 13:40:47 -0700
Thread-Topic: [sidr] draft-ietf-sidr-repos-struct to Standards Track
Thread-Index: AcxGHoTPjd+JlLZ4Rg2KrONTWgETIwANZ56o
Message-ID: <CA4C28EF.17F95%terry.manderson@icann.org>
In-Reply-To: <20110719135956.C8EC033C66F@minas-ithil.hactrn.net>
Accept-Language: en-US
Content-Language: en
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "draft-ietf-sidr-repos-struct@tools.ietf.org" <draft-ietf-sidr-repos-struct@tools.ietf.org>, "sidr@ietf.org" <sidr@ietf.org>
Subject: Re: [sidr] draft-ietf-sidr-repos-struct to Standards Track
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jul 2011 20:40:50 -0000

On 19/07/11 11:59 PM, "Rob Austein" <sra@isc.org> wrote:

> 
> What threat?  Please describe it.
> 
> The only "threat" I saw discussed is, in my opinion, a non-issue: an
> attacker can mangle filenames in the unprotected data stream, thus
> causing objects to fail validation.  An attacker who can do that can
> also mangle the objects themselves in the unprotected data stream,
> which will also cause the objects to fail validation, so being able to
> change the filenames doesn't give the attacker anything new.

I see those two as having a subtle difference. I guess I'm alone in that
observation.

> 
>> The suggestion of adding the mapping/type into the Manifest (while
>> awkward in ietf processing) gives both the mapping result, and
>> removes the CA/Repository threat identified.
> 
> The file types are already in the manifest, because the file types are
> encoded in the filenames, which are in the manifest.

ok. So in which case before I give in to making repos-struct a PS, I would
want to see words somewhere that say that the validation choice for an RPKI
object file is to based on the filename in the manifest and not on the
transferred filename. Do such words already exist? If so, where? And is that
how validation implementations are already coded?

For some reason all I can think about with this extensions discussion is the
.txt.vbs windows worm exploit.. its all just so 1990's..

T.

v2.23.0 | Report a Bug | By Email