Re: [Sidrops] [internet-drafts@ietf.org: New Version Notification for draft-spaghetti-sidrops-cms-signing-time-00.txt]
Job Snijders <job@fastly.com> Wed, 07 June 2023 15:15 UTC
Return-Path: <job@fastly.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4735C14CE25 for <sidrops@ietfa.amsl.com>; Wed, 7 Jun 2023 08:15:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.094
X-Spam-Level:
X-Spam-Status: No, score=-7.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sSWy5G7Lnyi6 for <sidrops@ietfa.amsl.com>; Wed, 7 Jun 2023 08:15:21 -0700 (PDT)
Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7328C14CEF9 for <sidrops@ietf.org>; Wed, 7 Jun 2023 08:15:21 -0700 (PDT)
Received: by mail-ed1-x52e.google.com with SMTP id 4fb4d7f45d1cf-51491b87565so1793201a12.1 for <sidrops@ietf.org>; Wed, 07 Jun 2023 08:15:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; t=1686150919; x=1688742919; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=h6/1EfT3HcyZ+oUwcC6jSu3c3fqP4tCztddBumxEY98=; b=qWClx+14gSs2hBlCQJXxEUmfOfipK8Iy9hvbMZe5nRTJ3LRkOJg3CJBVHNuQ18/kKY pZFIfJS7DFM4gC+gN28E9BUJlPwMxz7UXcXiiTNpxyJrkKKrKAKlS7Y7vgvPg2iYLs76 GEPFyj1A6XEXaD3T/+bGciM3+Cb/kI9MQJ6yA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686150919; x=1688742919; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=h6/1EfT3HcyZ+oUwcC6jSu3c3fqP4tCztddBumxEY98=; b=PNsT2o2i45hANm4lvnxPPoP4ys7qNJrNKFG0QriRP2cSn0u0Ka9ZGkR8xHEGxt8Rgm Zuf8ALSt000NM4u0WMjSqy7LwxD6+I6NIXm+ggtc9003DZXx8HyOqd5wOFXQjEu72nx7 ZUl6LqPvYLMizjff1TPeHjNOfV5fPaD/1QIKZpYDpDKDQx8QGlDlBZFbUanR++Rje9X6 gR8zb2kPyxf8phf1j61mqw/RBDUbXlY3R3s29t743NwKe44jt8+sXvoXUVGtq9aKeoI4 O25a12i46gT51kZZrnVjV9eWLO7TevhABPz445T/5Wx697MKAGb9cK5W/Dbbw02Bx6M8 Z2ZQ==
X-Gm-Message-State: AC+VfDwSND0Y32U0EDYlAOkDqSmRlWK+8k8Y8mFfW6vOm8RI3h2l+TZS DuiNQuf3Lb18HKpjjwGX/V4pBSs5+ogBjl1Ya4E=
X-Google-Smtp-Source: ACHHUZ7eT+JiLHx1brRUv1psbseTjHX7DFse1/B87tei63UcKYmO/qc3oELQnCDzFOaciT3sjikraw==
X-Received: by 2002:aa7:c418:0:b0:514:a5f3:be61 with SMTP id j24-20020aa7c418000000b00514a5f3be61mr4423810edq.31.1686150919500; Wed, 07 Jun 2023 08:15:19 -0700 (PDT)
Received: from snel ([2a10:3781:276:1:16f6:d8ff:fe47:2eb7]) by smtp.gmail.com with ESMTPSA id n23-20020aa7c797000000b005027d31615dsm6240494eds.62.2023.06.07.08.15.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 07 Jun 2023 08:15:18 -0700 (PDT)
Date: Wed, 07 Jun 2023 17:15:17 +0200
From: Job Snijders <job@fastly.com>
To: Ties de Kock <tdekock@ripe.net>
Cc: sidrops@ietf.org
Message-ID: <ZICfBbaLU7u5vzC4@snel>
References: <ZH/Q+ea0HO542GV3@snel> <710534A0-B529-4609-9845-96BCB9139381@ripe.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <710534A0-B529-4609-9845-96BCB9139381@ripe.net>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/1x1YiSVupiefw2Y53v9hJSJxbn4>
Subject: Re: [Sidrops] [internet-drafts@ietf.org: New Version Notification for draft-spaghetti-sidrops-cms-signing-time-00.txt]
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jun 2023 15:15:25 -0000
On Wed, Jun 07, 2023 at 04:07:22PM +0200, Ties de Kock wrote: > > On 7 Jun 2023, at 02:36, Job Snijders <job=40fastly.com@dmarc.ietf.org> wrote: > > The below internet-draft provides a reference for the concept outlined > > in https://mailarchive.ietf.org/arch/msg/sidrops/I4-3BPR-r0vd6CguWxV-cLs3fyY/ > > > > This internet-draft describes a use-case for the CMS signing-time > > attribute. From my perspective this internet-draft is complementary to > > Tim & Ties' draft-timbru-sidrops-publication-server-bcp-00 document. > > > > The main takeaways are: > > > > - set the file's mod-time to the CMS signing-time on publisher and RP side > > - CMS signing-time becomes mandatory for Signed Objects > > - CMS binary-signing-time no longer is allowed > > - 100% backwards compatibility with all CA operations in the field > > I assume that you also want to change this MUST in RFC6488 2.1.6.4.3 (and > the similar statement in 2.1.6.4.4): > > The signing-time attribute MAY be present. Note that the presence or > absence of the signing-time attribute MUST NOT affect the validity of > the signed object (as specified in Section 3). The attrType OID for > the signing-time attribute is 1.2.840.113549.1.9.5. Thanks for catching that. We've updated the internet-draft accordingly. > To me this process feels like a search for a use case for signing > time. It was suggested that the CMS signing-time attribute couldn't be used for any purpose because it isn't mandatory. This internet-draft addresses that, based on the observation that in practise the CMS signing-time attribute is included by all CA operations anyway. > In the intermediate period, tools writing consistent time need to > fallback to not before. This makes not before a more elegant (as in, > simple & neat) solution. There are many ways to produce a 'consistent time', but more importantly: (as far as I know) there never was a documented requirement in any RFC for 'consistent time' on the RSYNC service. I suspect that in the past people might have relied on implicit behavior, unaware of a future in which RRDP came into existence which challenged some assumptinons. The lack of specification in this regards seems to have resulted in: * Some Publishers simply don't touch the files after signing as long as they aren't changed (another fine approach, rpki.net is an example) * Some Publishers use notBefore (a valid option, as that indeed helps produce a consistent mod-time) * and some Publishers appear to reset the mod-time of all objects every time an object is added/removed from their repository (not fine, as this produces the least seamless RRDP -> RSYNC failover) > If you propose alternate behaviour for the transition, could you > elaborate on it? As far as I'm concerned there is no concept of a 'transition', other than going from unspecified to specified behaviour. CAs & Publishers might choose to wait until this internet-draft is published as RFC before making any changes to how they do things, that's up to them. On the other hand, knowing that there now is at least one RP implementation that actively attempts to do seamless RRDP -> RSYNC failovers using the CMS signing-time attribute, Publishers could already today take advantage of that by setting the mod-time to the CMS signing-time, if it is present, and if absent - which seems unlikely - do something else (like today). > I do not think backdating is an argument against using not before. In > your proposal, backdating MUST also be applied to not before. Perhaps there is a misunderstanding. It wasn't my intention to express a position (for or against) on the practise of backdating itself, the reference to backdating in this context was intended to highlight that operators using POSIX 'ls' to inspect the local cache might prefer and expect to see a timestamp related to when the Signed Object purportedly came into existence, rather than a (potentially backdated or forward-dated) notBefore value. > In practice, we have observed one of the faster RP implementations > (rpki-prover) reject objects because due to minimal clockskew where > validation started _the second before_ they were valid (RP ran on a > machine using multiple stratum 1 NTP appliances as time server). > > If a CA publishes fast, it must backdate to mitigate this issue if it > wants to be resilient to minimal clock skew. Yes. Kind regards, Job
- [Sidrops] [internet-drafts@ietf.org: New Version … Job Snijders
- Re: [Sidrops] [internet-drafts@ietf.org: New Vers… Ties de Kock
- Re: [Sidrops] [internet-drafts@ietf.org: New Vers… Job Snijders
- Re: [Sidrops] [internet-drafts@ietf.org: New Vers… Ties de Kock
- Re: [Sidrops] [internet-drafts@ietf.org: New Vers… Job Snijders
- Re: [Sidrops] [internet-drafts@ietf.org: New Vers… Ties de Kock
- Re: [Sidrops] [internet-drafts@ietf.org: New Vers… Job Snijders
- Re: [Sidrops] [internet-drafts@ietf.org: New Vers… Ties de Kock