Re: [sidr] RPKI and private keys (was RE: Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)))

Christopher Morrow <morrowc.lists@gmail.com> Fri, 11 May 2012 18:51 UTC

Return-Path: <christopher.morrow@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5350B21F86FE for <sidr@ietfa.amsl.com>; Fri, 11 May 2012 11:51:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.284
X-Spam-Level:
X-Spam-Status: No, score=-103.284 tagged_above=-999 required=5 tests=[AWL=-0.285, BAYES_00=-2.599, J_CHICKENPOX_33=0.6, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HRTCOP5Him+4 for <sidr@ietfa.amsl.com>; Fri, 11 May 2012 11:51:04 -0700 (PDT)
Received: from mail-ob0-f172.google.com (mail-ob0-f172.google.com [209.85.214.172]) by ietfa.amsl.com (Postfix) with ESMTP id B2F5B21F8705 for <sidr@ietf.org>; Fri, 11 May 2012 11:51:00 -0700 (PDT)
Received: by obbeh20 with SMTP id eh20so4348851obb.31 for <sidr@ietf.org>; Fri, 11 May 2012 11:51:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=TbMAxnBKOME2KbA3XLXQbwND5OwtysK2L1EoZj0hAGs=; b=OVMslg+upmcDjz56aB2Lep10DifX/0eg3ZvGTM6oF2A0cKwHm4Nvn9Pmrlqcl1k18d fMf5z4hMAkQOeKwGCgm3Gp3aIsF5PQoeGdd+WAoYQBHvaqQgUvczfEFB5QX3zNm17aSg WGngxZWtZMN/JsGrl0r36dYoY9wU9Ovd+MKOamoM+3XjwFFudixSTyLlH45vXWu4FofL adB1ksMyPxjJfELOJCaza/h8LI9nt6DIgra/n0YtLwPCQeSmzj68rJVk0rp4mLuTid55 dr8G78zKZB5+6Q8jUakBfkbcLi5qmPEoGLpgi3pcTR8A3Aj5Jc/sSRzRTppHksCrixrF W4Yw==
MIME-Version: 1.0
Received: by 10.60.1.67 with SMTP id 3mr13251436oek.15.1336762260313; Fri, 11 May 2012 11:51:00 -0700 (PDT)
Sender: christopher.morrow@gmail.com
Received: by 10.182.166.71 with HTTP; Fri, 11 May 2012 11:51:00 -0700 (PDT)
In-Reply-To: <m28vgyo8wq.wl%randy@psg.com>
References: <4FA48240.9060405@ops-netman.net> <CE0C4A314044C843AEE900875D90D54E10847F@BRN1WNEXMBX01.vcorp.ad.vrsn.com> <CAL9jLaZMkT-F5x5LAsjDhXsNnbG9akLhEotwT-eC=-6yX0J0kw@mail.gmail.com> <7309FCBCAE981B43ABBE69B31C8D213921BE2860C3@EUSAACMS0701.eamcs.ericsson.se> <m262cbl2so.wl%randy@psg.com> <20120511025431.D05A6170C1@thrintun.hactrn.net> <m23977pc67.wl%randy@psg.com> <CAL9jLab63Gx12aGMEQO8X878Xb+_dUOoNtKTqW1dQ4qOF3J7Uw@mail.gmail.com> <m28vgyo8wq.wl%randy@psg.com>
Date: Fri, 11 May 2012 14:51:00 -0400
X-Google-Sender-Auth: M9B_GG2Jpm5UotiSaO8FMvmpnZc
Message-ID: <CAL9jLaayCvtPCWV02px+kCOZ=CqJE+6CzAY3gD8d_rGbESz0qw@mail.gmail.com>
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Randy Bush <randy@psg.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: Rob Austein <sra@hactrn.net>, sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] RPKI and private keys (was RE: Interim Meeting Draft Agenda: 04-30-2012 (April 30, 2012)))
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 May 2012 18:51:06 -0000

On Fri, May 11, 2012 at 2:43 PM, Randy Bush <randy@psg.com> wrote:

>> though I contend you have time between 'card fail' and 'router back to
>> normal' to ship a key in the ether/ssh to the device too.
>
> by the time the replacement re is sufficiently on net to create and send
> a public key to the noc for signing and publishing, the router is up and
> has at least some routing data.  so the subsequent publication delay
> would be a critical path delay (in the pert sense) to full, i.e. bgpsec,
> use.

hrm, so... normally something like this happens:
  1) router go boom
  2) troubleshooting ensues to see where the problem is (what to fix)
  3) RE/RSP is determined to be at fault
  4) spares call placed
  5) spare arrives and is placed into the chassis
  6) reboot/checkout happens
  7) customer links brought back online
  8) things return to 'normal'

I think that at 1 all routing stops (or enough stops that you stop it
all anyway).
I think that at 6 you are in a state where at a minimum the router has
core-facing connectivity and you are placing the config back on the
device + relevant other bits (the key in question).

So... I agree you can make a key locally, you can ALSO probably just
re-ship the current stored-in-a-safe key to the device, because you've
got an extra 10 seconds for a complete new SSH session to come up/down
while scp'ing the file-o-key-material to the remote device.

-chris