IETF Logo Mail Archive

Re: [Sidrops] [Technical Errata Reported] RFC9286 (7243)

Job Snijders <job@fastly.com> Tue, 08 November 2022 11:31 UTC

Return-Path: <job@fastly.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C01BC14CF0D for <sidrops@ietfa.amsl.com>; Tue, 8 Nov 2022 03:31:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.106
X-Spam-Level:
X-Spam-Status: No, score=-7.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id COR6ZpY4KwHi for <sidrops@ietfa.amsl.com>; Tue, 8 Nov 2022 03:31:46 -0800 (PST)
Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0215FC1522DE for <sidrops@ietf.org>; Tue, 8 Nov 2022 03:31:45 -0800 (PST)
Received: by mail-ed1-x536.google.com with SMTP id a13so22052607edj.0 for <sidrops@ietf.org>; Tue, 08 Nov 2022 03:31:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=XsOJzbwMm7Y0JbC2xnvbZoRQnZDwKQf2xoFK2oelDwE=; b=coZC4MHEJUf2OG4IH2ENLwKo2V+8c8TB2gqbKPnisu2ofw4msgSjQ9UgcEw3lBIAC6 NjyGx6d8Wfsi/kl+qTMEVmf6paaB4T/HgB/8LoI7j8vyU5loT8P6HyliV65VI87tB2gA CZG8pFsrUkAPErGCL3toKJOl2uJVmMezz0TXI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=XsOJzbwMm7Y0JbC2xnvbZoRQnZDwKQf2xoFK2oelDwE=; b=4tTbYBap51ni5/lv8MslMxhqUnJyUfs1XoVbO8tA2IeE98JpaLUI/F+g4zh1Y26i8D 4rwJ3jmz8X/k9oeKTfDB/fBCZRdQbkuoDrt3U5fz6y7ZpFOeeVwzjVjlpv0pg1FoHyPO ijoAcIZRXVe+mrDVfIS2el9mk6gT1QmDm3++LmXywC81pJOYeLi3+TuJEUvFp4fLybWp +4ou6Uo+JW43PKEc2L8fN5WMjvPN5VnEbAmb6ZKLjvXHVUj4QaYgmBPEEXYj8jGLCKBb TqfmjNDY3akg4Ch5tzlGasHwsHTZvsJ70V0rb2yWbnevYsmYmNQLrwY4XuvC9774LHxx DLVw==
X-Gm-Message-State: ACrzQf2BxcDoTBTAjiamugOxM8wgSN1q4zdaJIUXFTYjdLzL+cp1ZTbM i18FJS9oVGDuTK6EcZKrq6jUVg==
X-Google-Smtp-Source: AMsMyM5h4v29/jF6jw0VV23nGzD9PjvFLveZr8PVPf6AhEdlMLohlkshh4ZEglH6muojwamuSIniyA==
X-Received: by 2002:a05:6402:2813:b0:461:e7bc:560a with SMTP id h19-20020a056402281300b00461e7bc560amr55698581ede.340.1667907104273; Tue, 08 Nov 2022 03:31:44 -0800 (PST)
Received: from snel ([2a10:3781:276:1:16f6:d8ff:fe47:2eb7]) by smtp.gmail.com with ESMTPSA id kw6-20020a170907770600b0077909095acasm4614989ejc.143.2022.11.08.03.31.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 08 Nov 2022 03:31:43 -0800 (PST)
Date: Tue, 08 Nov 2022 12:31:42 +0100
From: Job Snijders <job@fastly.com>
To: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: sra@hactrn.net, gih@apnic.net, kent@alum.mit.edu, mlepinski@ncf.edu, warren@kumari.net, rwilton@cisco.com, keyur@arrcus.com, morrowc@ops-netman.net, tdekock@ripe.net, sidrops@ietf.org
Message-ID: <Y2o+HsUxcJnMX1gh@snel>
References: <20221107163523.04502C8AF4@rfcpa.amsl.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20221107163523.04502C8AF4@rfcpa.amsl.com>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/9s92EfJTZb6i5dQWwVIiBLd6r64>
X-Mailman-Approved-At: Tue, 08 Nov 2022 14:17:22 -0800
Subject: Re: [Sidrops] [Technical Errata Reported] RFC9286 (7243)
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2022 11:31:50 -0000

Dear all,

I would recommend this errata be marked Verified.

When the specification was authored, I don't think it occurred to anyone
that subscribers might end up hammering the APIs of CA implementations
prompting issuers to issue more the frequently than once per second.

Although it seems somewhat unlikely for Relying Parties to see multiple
manifests issued within the same second (subsequent updates to the same
location probably coalesce); however, if an RP is faced with multiple
valid manifests with identical validity windows, the monotonically
increasing manifestNumber remains the strong tie-breaker.

The Errata's suggestion to substitute 'MUST be more recent' with "MUST
be current time" combined with "must be equal or more recent" to me
seems to be in spirit with the objective of adhering to a linear forward
progression of time when issuing products.

Kind regards,

Job

On Mon, Nov 07, 2022 at 08:35:22AM -0800, RFC Errata System wrote:
> The following errata report has been submitted for RFC9286,
> "Manifests for the Resource Public Key Infrastructure (RPKI)".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid7243
> 
> --------------------------------------
> Type: Technical
> Reported by: Ties de Kock <tdekock@ripe.net>
> 
> Section: 4.2.1.  Manifest
> 
> Original Text
> -------------
>    thisUpdate:
>       This field contains the time when the manifest was created.  This
>       field has the same format constraints as specified in [RFC5280]
>       for the CRL field of the same name.  The issuer MUST ensure that
>       the value of this field is more recent than any previously
>       generated manifest.  Each RP MUST verify that this field value is
>       greater (more recent) than the most recent manifest it has
>       validated.  If this field in a purported "new" manifest is smaller
>       (less recent) than previously validated manifests, the RP SHOULD
>       use locally cached versions of objects, as described in
>       Section 6.6.
> 
> Corrected Text
> --------------
>     thisUpdate:
>       This field contains the time when the manifest was created. This
>       field has the same format constraints as specified in [RFC5280]
>       for the CRL field of the same name. The issuer MUST ensure that
>       the value of this field is equal to the current time and higher or
>       equal to the thisUpdate of any previously generated manifest. Each
>       RP MUST verify that this field value is greater or equal to (as,
>       or more recent) than the most recent manifest it has validated.
>       Suppose this field in a purported "new" manifest is smaller (less
>       recent) than previously validated manifests. In that case, the RP
>       SHOULD use locally cached versions of objects, as described in
>       Section 6.6.
> 
> 
> 
> Notes
> -----
> First of all: The previous text was not explicit that thisUpdate MUST contain the current time.
> 
> Second, in practice (e.g. multiple calls to a synchronous API) multiple manifests can be issued with the same thisUpdate. Under the previous text this would technically be misissuance. The propose text allows multiple manifests to be issued in the same second.
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> can log in to change the status and edit the report, if necessary. 
> 
> --------------------------------------
> RFC9286 (draft-ietf-sidrops-6486bis-11)
> --------------------------------------
> Title               : Manifests for the Resource Public Key Infrastructure (RPKI)
> Publication Date    : June 2022
> Author(s)           : R. Austein, G. Huston, S. Kent, M. Lepinski
> Category            : PROPOSED STANDARD
> Source              : SIDR Operations
> Area                : Operations and Management
> Stream              : IETF
> Verifying Party     : IESG
> 
> _______________________________________________
> Sidrops mailing list
> Sidrops@ietf.org
> https://www.ietf.org/mailman/listinfo/sidrops

v2.23.0 | Report a Bug | By Email