Re: [Sidrops] draft-ietf-sidrops-rpki-has-no-identity-00

George Michaelson <ggm@algebras.org> Tue, 11 May 2021 23:45 UTC

MIME-Version: 1.0
References: <m2k0o6uqot.wl-randy@psg.com> <CAKr6gn3oCZBOP3L8AQWvH9Nk4fum-ycZCnHO_DUtgdx5M=z_+A@mail.gmail.com> <m2fsyuuofa.wl-randy@psg.com> <CAKr6gn18yGTrAiqPA2P+kc+JBt2Tf8D-G4Gf5WCnASm8vk1Fvg@mail.gmail.com> <m21raduy3s.wl-randy@psg.com>
In-Reply-To: <m21raduy3s.wl-randy@psg.com>
From: George Michaelson <ggm@algebras.org>
Date: Wed, 12 May 2021 09:45:19 +1000
Message-ID: <CAKr6gn2tRD1M=MmZLxHraJHW2iYbn=_hAmyPke3fdpKJSnVRBw@mail.gmail.com>
To: Randy Bush <randy@psg.com>
Cc: SIDR Operations WG <sidrops@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/61RuY__2ZFXLxcayjUnW6z32EEE>
Subject: Re: [Sidrops] draft-ietf-sidrops-rpki-has-no-identity-00

You can't provide identity inside RPKI. It's forbidden in the profile.

You can use RTA and RSC to sign over things, which could be assertions
about identity. RPKI can't "prove" the assertion. But it can associate
INR with the assertion.

If you do an identity check out of band, with a public-private keypair
(for example doing a nonce check), you can use RTA or RSC to sign over
things which include the public key you just "checked" in some
unstated, undefined, OOB manner. This binds the INR to the validation
of that keypair.

If you want to define the context of use of the INR and the identity
in the RTA and RSC, how you do that is out of scope for RPKI.

All your questions about risk and consequence are valid. They're out
of scope for RPKI.

I think repeatedly saying "you can't provide identity in RPKI" is a
bit pointless. Sure: we all know that. You can "bridge" from RPKI to
identity, if you use some mechanism to say that, and RSC or RTA can
help you do that, without breaching the RPKI profile which forbids
directly certifying identity.

You asked "how" and I tried to say how. I did it badly. Well, that
doesn't help me sell the idea, I get that, but I still think this
document is a bit pointless. Nobody is trying to say you can certify
identity directly, inside RPKI. What I wanted the document to say,
which would make it more useful (I think) is that you CAN associate
identity and RPKI, if you do it through a mechanism like RTA or RSC.

What I say about identity can be said about geolocation, or any other
quality you want to associate with INR. If it is not permitted inside
RPKI, then assert a declaration outside of RPKI, but sign over it
using RTA or RSC.

Yes, bPKI was a stupid thing to use, to say "some PKI which isn't RPKI".

-G
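The "bridge" George describes (an out-of-band nonce check of an identity keypair, then an RSC- or RTA-style signed object over a file that carries that public key, so that RPKI binds INR to a digest and nothing more) modelled as a small Go program. This is an added example for the archive, not code from the post, the SIDROPS working group, or the RSC/RTA specifications. It assumes: a hypothetical JSON `Declaration` layout for the out-of-band assertion; a JSON `Checklist` as a stand-in for the CMS/ASN.1 RSC object of RFC 9323 (resources plus filename/SHA-256 pairs); Ed25519 in place of the RSA EE key a real RPKI signed object would carry; and constructed sample values (AS64496, 192.0.2.0/24, the file name `decl.json`). The relying-party function `Bridge` is split so the reader can see which check RPKI validation underwrites (signature by the INR-holding key, digest match) and which one it does not (the nonce answer from the identity key).

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Declaration is the out-of-band assertion. RPKI never signs an identity,
// so the identity public key lives here, in a plain file that the
// checklist will only hash. The layout is hypothetical.
type Declaration struct {
	Context string `json:"context"` // free-text context of use; out of scope for RPKI
	IDKey   []byte `json:"id_key"`  // Ed25519 public key checked out of band via a nonce
}

// Checklist is a simplified stand-in for an RSC (RFC 9323): the INR of the
// signing EE certificate plus filename/SHA-256 pairs. The real object is
// CMS/ASN.1; JSON is used here only for illustration.
type Checklist struct {
	ASNs     []uint32          `json:"asns"`
	Prefixes []string          `json:"prefixes"`
	Files    map[string][]byte `json:"files"`
}

// Signed is the checklist body plus a signature by the key that holds the
// INR. Ed25519 stands in for the RSA EE key of a real RPKI signed object.
type Signed struct {
	Body []byte
	Sig  []byte
}

// DigestDeclaration canonicalises the declaration and hashes it; this
// hash is all the RPKI side ever signs over.
func DigestDeclaration(d Declaration) (raw, sum []byte, err error) {
	raw, err = json.Marshal(d)
	if err != nil {
		return nil, nil, err
	}
	s := sha256.Sum256(raw)
	return raw, s[:], nil
}

// SignChecklist produces the checklist signed with the INR holder's EE key.
func SignChecklist(ee ed25519.PrivateKey, cl Checklist) (Signed, error) {
	body, err := json.Marshal(cl)
	if err != nil {
		return Signed{}, err
	}
	return Signed{Body: body, Sig: ed25519.Sign(ee, body)}, nil
}

// ProveKey is the out-of-band nonce check: the claimant signs the
// verifier's nonce with the identity key named in the declaration.
func ProveKey(id ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(id, nonce)
}

// Bridge is the relying-party side. eePub is the key RPKI validation has
// already tied to a set of INR. The INR is returned only if (1) the
// checklist is signed by that key, (2) the declaration hashes to the listed
// digest, and (3) the declaration's identity key answered the nonce.
// Only step 3 touches identity, and RPKI plays no part in it.
func Bridge(eePub ed25519.PublicKey, sc Signed, fname string, declRaw, nonce, nonceSig []byte) (Checklist, error) {
	var cl Checklist
	if !ed25519.Verify(eePub, sc.Body, sc.Sig) {
		return cl, errors.New("checklist not signed by the INR-holding key")
	}
	if err := json.Unmarshal(sc.Body, &cl); err != nil {
		return cl, err
	}
	want, ok := cl.Files[fname]
	if !ok {
		return cl, errors.New("declaration not listed in checklist")
	}
	got := sha256.Sum256(declRaw)
	if !bytes.Equal(want, got[:]) {
		return cl, errors.New("declaration does not match signed digest")
	}
	var d Declaration
	if err := json.Unmarshal(declRaw, &d); err != nil {
		return cl, err
	}
	if len(d.IDKey) != ed25519.PublicKeySize || !ed25519.Verify(ed25519.PublicKey(d.IDKey), nonce, nonceSig) {
		return cl, errors.New("identity key did not prove possession out of band")
	}
	return cl, nil
}

func main() {
	eePub, eeKey, _ := ed25519.GenerateKey(rand.Reader) // stands in for the RPKI EE key
	idPub, idKey, _ := ed25519.GenerateKey(rand.Reader) // identity key, unknown to RPKI
	declRaw, sum, _ := DigestDeclaration(Declaration{Context: "ops contact for AS64496", IDKey: idPub})
	sc, _ := SignChecklist(eeKey, Checklist{ASNs: []uint32{64496}, Prefixes: []string{"192.0.2.0/24"},
		Files: map[string][]byte{"decl.json": sum}})
	nonce := make([]byte, 32)
	rand.Read(nonce)
	cl, err := Bridge(eePub, sc, "decl.json", declRaw, nonce, ProveKey(idKey, nonce))
	fmt.Println(cl.ASNs, cl.Prefixes, err)
}
```

Run with `go run .`; the program prints the INR the checklist carries and a nil error. Swap in a different key for `ProveKey` and `Bridge` still accepts the RPKI half (signature and digest) but rejects the identity half, which is the point of the post: the signed object associates INR with a blob, and what that blob means about identity is decided outside RPKI.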