Re: [Sidrops] trying to limit RP processing variability
Randy Bush <randy@psg.com> Thu, 16 April 2020 13:30 UTC
Return-Path: <randy@psg.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 555AC3A081F for <sidrops@ietfa.amsl.com>; Thu, 16 Apr 2020 06:30:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QrWGVm1ekMgJ for <sidrops@ietfa.amsl.com>; Thu, 16 Apr 2020 06:30:45 -0700 (PDT)
Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:8006::18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDE6B3A07E1 for <sidrops@ietf.org>; Thu, 16 Apr 2020 06:30:44 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=ryuu.rg.net) by ran.psg.com with esmtp (Exim 4.90_1) (envelope-from <randy@psg.com>) id 1jP4bK-0003Zq-31; Thu, 16 Apr 2020 13:30:42 +0000
Date: Thu, 16 Apr 2020 06:30:41 -0700
Message-ID: <m24ktjpnge.wl-randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Martin Hoffmann <martin@opennetlabs.com>
Cc: "sidrops@ietf.org" <sidrops@ietf.org>, Stephen Kent <stkent=40verizon.net@dmarc.ietf.org>, Robert Kisteleki <robert@ripe.net>
In-Reply-To: <20200416113320.53500fa6@glaurung.nlnetlabs.nl>
References: <a9448e54-320f-300c-d4f9-d01aca2b6ef4.ref@verizon.net> <a9448e54-320f-300c-d4f9-d01aca2b6ef4@verizon.net> <63c18696-fe3b-c66f-d8ae-fb132f78ee9f@ripe.net> <a0067385-adb8-cadd-3a7f-3a362176d265@verizon.net> <e3bcba98-c664-0c27-850f-137251cc314a@ripe.net> <a1c7b748-6dda-c555-0ab7-3727d34bc672@verizon.net> <20200415124611.7af291b1@glaurung.nlnetlabs.nl> <m2wo6gpq6j.wl-randy@psg.com> <20200416113320.53500fa6@glaurung.nlnetlabs.nl>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/26.3 Mule/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/0jiK7BQy58rSD9NhpnqQ-kk2tFk>
Subject: Re: [Sidrops] trying to limit RP processing variability
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2020 13:30:46 -0000
>>> An attacker who can delete files can as easily replace them with >>> something else with the same result. >> not really. > I cannot think of a case where an attack can manipulate the rsync > exchange, impersonate the rsync server, or manipulate the file system > of the legitimate rsync server in such a way that they can signal > to an rsync client to delete existing files but not to replace them > partially or completely. > > What am I missing? 6486 4.2 fileList: This field is a sequence of FileAndHash objects. There is one FileAndHash entry for each currently valid signed object that has been published by the authority (at this publication point). Each FileAndHash is an ordered pair consisting of the name of the file in the repository publication point (directory) that contains the object in question and a hash of the file's contents. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- [Sidrops] trying to limit RP processing variabili… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Job Snijders
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Job Snijders
- Re: [Sidrops] trying to limit RP processing varia… Robert Kisteleki
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Di Ma
- Re: [Sidrops] trying to limit RP processing varia… Robert Kisteleki
- Re: [Sidrops] trying to limit RP processing varia… Claudio Jeker
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Robert Kisteleki
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Job Snijders
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Di Ma
- Re: [Sidrops] trying to limit RP processing varia… Job Snijders
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Claudio Jeker
- Re: [Sidrops] trying to limit RP processing varia… Tim Bruijnzeels
- Re: [Sidrops] trying to limit RP processing varia… Tim Bruijnzeels
- Re: [Sidrops] trying to limit RP processing varia… Jay Borkenhagen
- Re: [Sidrops] trying to limit RP processing varia… Randy Bush
- Re: [Sidrops] trying to limit RP processing varia… Robert Kisteleki
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Tim Bruijnzeels
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Randy Bush
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Job Snijders
- Re: [Sidrops] trying to limit RP processing varia… Claudio Jeker
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Randy Bush
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… George Michaelson
- Re: [Sidrops] trying to limit RP processing varia… Tim Bruijnzeels
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Martin Hoffmann
- Re: [Sidrops] trying to limit RP processing varia… Randy Bush
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent
- Re: [Sidrops] trying to limit RP processing varia… Rob Austein
- Re: [Sidrops] trying to limit RP processing varia… Job Snijders
- Re: [Sidrops] trying to limit RP processing varia… Stephen Kent