Re: [Sidrops] [Last-Call] [lamps] Fwd: Last Call: <draft-ietf-sidrops-rpki-has-no-identity-04.txt> (The I in RPKI does not stand for Identity) to Proposed Standard
Russ Housley <housley@vigilsec.com> Fri, 11 March 2022 00:12 UTC
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <19977.1646505904@localhost>
Date: Thu, 10 Mar 2022 19:12:45 -0500
Cc: Ben Kaduk <kaduk@mit.edu>, SIDR Operations WG <sidrops@ietf.org>,
LAMPS <spasm@ietf.org>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/34CO7OfOvaOwBtw8VTa0YAyrKVo>

Michael:

Did you see the ARTART review on the last-call@ietf.org mail list? I think your questions were answered by Randy in response to that review.

Russ

> On Mar 5, 2022, at 1:45 PM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>
> I have read the document.
> I was unaware of it until it was posted.
>
> It seems like this document is fighting some kind of guerilla fight against
> pressures to provide a higher RoI for doing RPKI.
>
> I'm personally really annoyed that ARIN has been so restrictive with access
> to the public key that can be used to validate the RPKI that originates with
> them.
>
> } It has been suggested that one could authenticate real-world business
> } transactions with the signatures of INR holders. E.g. Bill's Bait and Sushi
> } could use their AS in the RPKI to sign a Letter of Authorization (LOA) for
> } some other party to rack and stack hardware owned by BB&S. Unfortunately,
> } this is not formally feasible.
>
> I think that it would be nice if some specific proposals were mentioned.
>
> I don't really know what:
> } no proof of termination
>
> means.
>
> I feel like this document might better be written by an ARIN or ICANN lawyer
> in a cease and desist kind of fashion, and that really, adults should be
> allowed to do whatever they like with their private keys in the privacy of
> their own HSMs.
>
> It isn't clear that we gain by publishing this document.
>
> At some point in the 1990s, I was assured that Dun & Bradstreet were going
> to issue certificates useful for business transactions. That never, AFAIK,
> happened.
>
> } Government of Elbonia
>
> citation! citation! :-) :-)
>
> --
> ] Never tell me the odds! | ipv6 mesh networks [
> ] Michael Richardson, Sandelman Software Works | IoT architect [
> ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
>
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting )
> Sandelman Software Works Inc, Ottawa and Worldwide
>