IETF Logo Mail Archive

[Sidrops] [internet-drafts@ietf.org: New Version Notification for draft-spaghetti-sidrops-cms-signing-time-00.txt]

Job Snijders <job@fastly.com> Wed, 07 June 2023 00:36 UTC

Return-Path: <job@fastly.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 73FAAC15152D for <sidrops@ietfa.amsl.com>; Tue, 6 Jun 2023 17:36:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YVR0ge0FcT7A for <sidrops@ietfa.amsl.com>; Tue, 6 Jun 2023 17:36:14 -0700 (PDT)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F0BD3C15107E for <sidrops@ietf.org>; Tue, 6 Jun 2023 17:36:13 -0700 (PDT)
Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-5149e65c218so521534a12.2 for <sidrops@ietf.org>; Tue, 06 Jun 2023 17:36:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; t=1686098172; x=1688690172; h=content-disposition:mime-version:message-id:subject:to:from:date :from:to:cc:subject:date:message-id:reply-to; bh=UVmbYN8hr+Gx+W8OrwmfU2oE62EXHCZRn9Pgr8wyXGk=; b=lHYyZ4O2xELKVgZihXPbrZ6XkB7L4+sqh2ri+EUC24HvOwzR4R46W6X5A0B2WB7y6C cmJPhCsjfcNqnn1gnT18lgvXKiBUgnyFZ07SKRMxbS7Sh3DZcqa2fKMEEI4kP67EbCnB 37F8FriVFjcIPKzl3EHZgLR1d7vDr5vqegw+Q=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686098172; x=1688690172; h=content-disposition:mime-version:message-id:subject:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=UVmbYN8hr+Gx+W8OrwmfU2oE62EXHCZRn9Pgr8wyXGk=; b=IQXH6K3coTgLTnbxmHK198Tmp38sw24RJCsqk5HWtB3YFkq/Uo4uzPWfddYoXv+luP bOBPCM0DX0pEHpNgKCBEQSHLYnIx4iSX3M4iYoth6Cqhy/hFvntSI8Nfvi7br1OE6spc VlzRx9UvoKBUU0MB6BfiYQBl67OecRPa0v9TfASAvv0A0BtXrBd5sEq6Ku5EVlfrxlTr Qcl6UPsfznQ3lN2DLBVgpPOnEtsAp7Cr0kbFUbISfj/uk8028QlmWFn3xoLpBvBK8vsR CQNGdY68hxAW1ruA66gBVnOhlYc+B9ocr6JDqpUkKiE+h7/sXzdOOqtPUz70S1HyvtAo P/IQ==
X-Gm-Message-State: AC+VfDzVD8jMiHPLgGLyEKcsh9iUyl82JfThkU3UDnBtH0d7kBaXd2bo 7g21PgdnYAKbPMvTETSQfCPEBRl64ODOiARG744P0gthNomBlHFQdJ7SDMQciyvIEQgVh3DESPl 9ab5IPfH7URuSB5+8JdwA0JxY0TRf3QIZ6rHBVc4uKWCfo21wLHN/hQ1dtDcH
X-Google-Smtp-Source: ACHHUZ4Gl8Eq+gPU7zrIsTMLq9u64SOZLm2h6BAvnDlcUuC5//P5A3HPbYu47xOIPKB8aoBfQczPIw==
X-Received: by 2002:aa7:c418:0:b0:514:a5f3:be61 with SMTP id j24-20020aa7c418000000b00514a5f3be61mr3016932edq.31.1686098171988; Tue, 06 Jun 2023 17:36:11 -0700 (PDT)
Received: from snel ([2a10:3781:276:1:16f6:d8ff:fe47:2eb7]) by smtp.gmail.com with ESMTPSA id t24-20020aa7d4d8000000b0050c524253dasm5560196edr.20.2023.06.06.17.36.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Jun 2023 17:36:11 -0700 (PDT)
Date: Wed, 07 Jun 2023 02:36:09 +0200
From: Job Snijders <job@fastly.com>
To: sidrops@ietf.org
Message-ID: <ZH/Q+ea0HO542GV3@snel>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/BIkL6skf259GVkLomgIK_LFkD-M>
Subject: [Sidrops] [internet-drafts@ietf.org: New Version Notification for draft-spaghetti-sidrops-cms-signing-time-00.txt]
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jun 2023 00:36:17 -0000

Dear group,

The below internet-draft provides a reference for the concept outlined
in https://mailarchive.ietf.org/arch/msg/sidrops/I4-3BPR-r0vd6CguWxV-cLs3fyY/

This internet-draft describes a use-case for the CMS signing-time
attribute. From my perspective this internet-draft is complementary to
Tim & Ties' draft-timbru-sidrops-publication-server-bcp-00 document.

The main takeaways are:

- set the file's mod-time to the CMS signing-time on publisher and RP side
- CMS signing-time becomes mandatory for Signed Objects
- CMS binary-signing-time no longer is allowed
- 100% backwards compatibility with all CA operations in the field

Contributions to this internet-draft are most welcome via
https://github.com/job/draft-sidrops-cms-signing-time

Kind regards,

Job

----- Forwarded message from internet-drafts@ietf.org -----

Date: Tue, 06 Jun 2023 17:26:40 -0700
From: internet-drafts@ietf.org
To: Job Snijders <job@fastly.com>, Tom Harrison <tomh@apnic.net>
Subject: New Version Notification for
	draft-spaghetti-sidrops-cms-signing-time-00.txt


A new version of I-D, draft-spaghetti-sidrops-cms-signing-time-00.txt
has been successfully submitted by Job Snijders and posted to the
IETF repository.

Name:		draft-spaghetti-sidrops-cms-signing-time
Revision:	00
Title:		On the use of the CMS signing-time attribute in RPKI Signed Objects
Document date:	2023-06-06
Group:		Individual Submission
Pages:		8
URL:            https://www.ietf.org/archive/id/draft-spaghetti-sidrops-cms-signing-time-00.txt
Status:         https://datatracker.ietf.org/doc/draft-spaghetti-sidrops-cms-signing-time/
Htmlized:       https://datatracker.ietf.org/doc/html/draft-spaghetti-sidrops-cms-signing-time


Abstract:
   RFC 6488 standardized a template for specifying Signed Objects that
   can be validated using the RPKI.  Since the publication of that
   document, a new additional protocol for distribution of RPKI
   repositories was developed (RFC 8182), and new insights arose how to
   query and combine the different distribution mechanisms.  This
   document describes how Publishers and Relying Parties can use the CMS
   signing-time attribute for seamless transitions from RRDP to RSYNC.
   Additionally, this document updates RFC 6488 by mandating the
   presence of the CMS signing-time attribute and disallowing the
   binary-signing-time attribute.


                                                                                  


The IETF Secretariat



----- End forwarded message -----

v2.23.0 | Report a Bug | By Email