Re: [Sidrops] 6486bis: Failed Fetches
Nick Hilliard <nick@foobar.org> Thu, 27 August 2020 15:16 UTC
Return-Path: <nick@foobar.org>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FD583A0DA6; Thu, 27 Aug 2020 08:16:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.848
X-Spam-Level:
X-Spam-Status: No, score=-2.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.948, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZdwZjyGnu79Q; Thu, 27 Aug 2020 08:16:35 -0700 (PDT)
Received: from mail.netability.ie (mail.netability.ie [IPv6:2a03:8900:0:100::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31CA13A0DCC; Thu, 27 Aug 2020 08:16:34 -0700 (PDT)
X-Envelope-To: sidrops@ietf.org
Received: from crumpet.local (admin.ibn.ie [46.182.8.8]) (authenticated bits=0) by mail.netability.ie (8.15.2/8.15.2) with ESMTPSA id 07RFGW3o090024 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 27 Aug 2020 16:16:32 +0100 (IST) (envelope-from nick@foobar.org)
X-Authentication-Warning: cheesecake.ibn.ie: Host admin.ibn.ie [46.182.8.8] claimed to be crumpet.local
To: Stephen Kent <stkent=40verizon.net@dmarc.ietf.org>
Cc: sidrops@ietf.org
References: <20200817163134.29aa1a6b@glaurung.nlnetlabs.nl> <c1a8fffb-9106-d08e-4254-44ddf1a0115a@verizon.net> <20200818083659.1922a98c@grisu.home.partim.org> <6cebcc89-3e07-8a85-3813-b4ae9887d119@verizon.net> <20200826122539.52493813@glaurung.nlnetlabs.nl> <b71c9c88-fb10-b037-d06a-910711e51e04@verizon.net> <cf7030be-adc4-dde4-7eda-516339fd6c91@verizon.net>
From: Nick Hilliard <nick@foobar.org>
Message-ID: <915de042-af0f-e518-c841-5a10402c1868@foobar.org>
Date: Thu, 27 Aug 2020 16:16:30 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:52.0) Gecko/20100101 PostboxApp/7.0.27
MIME-Version: 1.0
In-Reply-To: <cf7030be-adc4-dde4-7eda-516339fd6c91@verizon.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/0aw0x4kE2ERXcibE6GAmMkpuQSQ>
Subject: Re: [Sidrops] 6486bis: Failed Fetches
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2020 15:16:37 -0000
Stephen Kent wrote on 27/08/2020 16:07: > When I the WG chairs tell me that I misunderstood the WG consensus re > strict correctness then I will revisit this topic. However, the recent > messages from Mikael and Job suggest that your perception of WG > consensus is not accurate. This issue is one that needs to be decided by > network operators, not by developers of RP software. I agree with the > observations made by Mikael and Job, i.e., that requiring strict > conformance with manifest rules is the preferred approach. I concur - strictness is generally desirable when dealing with data integrity. In this case, the manifest problem was harmless and the data integrity was unaffected. Speaking as an operator and rpki consumer, what I don't have good handle on is whether the manifest checks that would be required to detect the problem that happened at ARIN would also detect actual manifest integrity problems. If the answer to this is yes, then there is no question about whether these checks should be added to the code bases that currently lack them. Otherwise they are a nice-to-have, and I'd very much like to see them added. Nick
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels
- [Sidrops] 6486bis: Failed Fetches Martin Hoffmann
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Martin Hoffmann
- Re: [Sidrops] 6486bis: Failed Fetches George Michaelson
- Re: [Sidrops] 6486bis: Failed Fetches Di Ma
- Re: [Sidrops] 6486bis: Failed Fetches George Michaelson
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Martin Hoffmann
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Nick Hilliard
- Re: [Sidrops] 6486bis: Failed Fetches Randy Bush
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels
- Re: [Sidrops] 6486bis: Failed Fetches Jay Borkenhagen
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Di Ma
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels
- Re: [Sidrops] 6486bis: Failed Fetches Jay Borkenhagen
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels
- Re: [Sidrops] 6486bis: Failed Fetches Stephen Kent
- Re: [Sidrops] 6486bis: Failed Fetches Christopher Morrow
- Re: [Sidrops] 6486bis: Failed Fetches Tim Bruijnzeels