IETF Logo Mail Archive

Re: [Sidrops] draft-ietf-sidrops-rpki-has-no-identity-00

Tim Bruijnzeels <tim@nlnetlabs.nl> Tue, 11 May 2021 14:52 UTC

Return-Path: <tim@nlnetlabs.nl>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 883043A1A51 for <sidrops@ietfa.amsl.com>; Tue, 11 May 2021 07:52:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nlnetlabs.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lDdjqBcBZWoR for <sidrops@ietfa.amsl.com>; Tue, 11 May 2021 07:52:49 -0700 (PDT)
Received: from outbound.soverin.net (outbound.soverin.net [IPv6:2a01:4f8:fff0:2d:8::218]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E94283A1A5F for <sidrops@ietf.org>; Tue, 11 May 2021 07:52:47 -0700 (PDT)
Received: from smtp.soverin.net (unknown [10.10.3.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by outbound.soverin.net (Postfix) with ESMTPS id 49624601F3; Tue, 11 May 2021 14:52:46 +0000 (UTC)
Received: from smtp.soverin.net (smtp.soverin.net [159.69.232.142]) by soverin.net
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nlnetlabs.nl; s=soverin; t=1620744765; bh=Lc380oECSrFEf/CzErleB7EMjFb8RQtP7B6eak9tv6Q=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=OEhzyR+tvH5CIZum5HkSObnc6k0x95OE1U5Gha/c6HCTp5VzpmEOiIrBHHAV3Yqvz h84/yP61Kty3lnpc0lyhRxiOFRhCmb65u95a6WjujUmt4651ieya2ahnWEKD+SqULf u2E24r+o0HjxOU4FEkPmDNsRK19IpKwBIpzObRqvBYMTgPOSifGiuj5e6uLeEIp6JB mlX2FJGtlrdITdF/tVL684Omjwug74ku+5KSxkhiApHzMqAlX02buvV683g3nL6fFS PZ2O0QFXAwkeU+oCTbMlYsSFM92F/yTpDu2zlLv9gtDHzbu2sJEAskDYIKWGCnlEp1 9Qbya2w2fQSfw==
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
From: Tim Bruijnzeels <tim@nlnetlabs.nl>
In-Reply-To: <41914016-4496-4FBC-A753-9481CAEDD231@vigilsec.com>
Date: Tue, 11 May 2021 16:52:41 +0200
Cc: Randy Bush <randy@psg.com>, SIDR Operations WG <sidrops@ietf.org>, George Michaelson <ggm@algebras.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <A8A5DE46-60E0-4C33-9BE8-8794C1C34819@nlnetlabs.nl>
References: <m2k0o6uqot.wl-randy@psg.com> <CAKr6gn3oCZBOP3L8AQWvH9Nk4fum-ycZCnHO_DUtgdx5M=z_+A@mail.gmail.com> <m2fsyuuofa.wl-randy@psg.com> <CAKr6gn18yGTrAiqPA2P+kc+JBt2Tf8D-G4Gf5WCnASm8vk1Fvg@mail.gmail.com> <4455A207-2637-444B-BDA0-1209425C2EF2@vigilsec.com> <2D988AA2-7860-4F5E-B9D4-87A747A39FD2@nlnetlabs.nl> <41914016-4496-4FBC-A753-9481CAEDD231@vigilsec.com>
To: Russ Housley <housley@vigilsec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/1AxxV0UFbh_6RmKO4nkmkUR5FwM>
Subject: Re: [Sidrops] draft-ietf-sidrops-rpki-has-no-identity-00
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 May 2021 14:52:55 -0000

Russ:

> On 11 May 2021, at 16:45, Russ Housley <housley@vigilsec.com> wrote:
> 
> Tim:
> 
>>> I am confused.  The RPKI design purposely avoids binding IIJ's identity to the resources assigned to IIJ. What kind of assertions need two signatures, one that ca be validated with an RPKI certificate and the other can be validated with a certificate from an identity-confirming PKI?
>> 
>> I believe that the main point here is that a parent RPKI CA does not attest to the identity of a child. It just associates INRs to $their public key.
>> 
>> However, with RSC/RTA the operator of that child CA could then sign an attestation containing anything else, including a public B-PKI key that they may wish to associate with their INRs in specific use cases.
>> 
>> At least that is how understood George's words. Please correct me if I misunderstood George :)
> 
> I think that RSC/RTA are saying that the holder of an INR has signed a statement.  The identity is not important in that context.  The fact that the are the holder of that INR is waht is important to validate the signed statement.

Indeed, I think we are saying the same thing.

What I am saying, and understanding George to say, is that data part in the signed statement can _contain_ identity information. Such as a B-PKI public key, or public PGP key, to be used in out of band communications about the resources.

But again George, if I misunderstood you correct me..

Tim


> 
> Russ
> 
> _______________________________________________
> Sidrops mailing list
> Sidrops@ietf.org
> https://www.ietf.org/mailman/listinfo/sidrops

v2.23.0 | Report a Bug | By Email