Re: [Sidrops] Interim Meeting Follow-up Mail

Stephen Kent <stkent@verizon.net> Thu, 29 October 2020 15:37 UTC

To: Tim Bruijnzeels <tim@nlnetlabs.nl>
Cc: sidrops@ietf.org
References: <87zh4ekvz9.wl-morrowc@ops-netman.net> <5660E325-98A9-4A3F-A009-BD13A5C62A47@nlnetlabs.nl> <06995a21-7cc8-1182-0472-00105ac7dd6d@verizon.net> <4A518084-54AB-4719-A9CD-11DD8AA9E63D@nlnetlabs.nl> <bad467c3-3fc5-d971-bc5b-cfe35fe5cd70@verizon.net> <72E7C44B-7478-402B-A0F3-2376A2818657@nlnetlabs.nl>
From: Stephen Kent <stkent@verizon.net>
Message-ID: <e96b8e00-299e-dca3-0d06-b650925303d2@verizon.net>
Date: Thu, 29 Oct 2020 11:37:30 -0400
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/CNyCRnvSnSlcX8Z4OVAn5iOgWkA>

Tim,

I revised the text of 6.4 and 6.7 to address the issues you cited. See 
below:

6.4. Acquiring Files Referenced by a Manifest

The RP MUST acquire all of the files enumerated in the manifest
(fileList) from the publication point. If there are files listed in
the manifest that cannot be retrieved from the publication point, or
if they fail the validity tests specified in [RFC6488], the fetch has
failed and the RP MUST proceed to Section 6.7; otherwise, proceed to
Section 6.5. Note that all RPs MUST be able to process Manifests,
CRLs and Resource Certificates [RFC6487], BGPsec Router Certificates
[RFC8209], Ghostbuster Records [RFC6493], and ROAs [RFC6482]. The
set of retrieved objects may include other RPKI object types that the
RP is not prepared to process. When such objects are encountered by an
RP, the RP MUST NOT attempt to validate the eContent (as described in
Section 2.1.3.2 above) of such objects; encountering such objects does
not, per se, result in a failed fetch.



6.7. Failed Fetches

If a fetch fails for any of the reasons cited in 6.2-6.6, the RP MUST
issue a warning indicating the reason(s) for termination of processing
with regard to this CA instance. It is RECOMMENDED that a human
operator be notified of this warning.

Termination of processing means that the RP SHOULD continue to use
cached versions of the objects associated with this CA instance,
until such time as they become stale or they can be replaced by
objects from a successful fetch. This implies that the RP MUST not
try to acquire and validate subordinate signed objects, e.g.,
subordinate CA certificates, until the next interval when the RP is
scheduled to fetch and process data for this CA instance.
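
The following sketch is an added example, not part of the message above or of the draft it quotes: it models the 6.4 and 6.7 decision for one CA instance, going from the manifest file list either to Section 6.5 or to the failed-fetch fallback. The function and field names, the file-extension mapping, the sample file names and the `passes_6488` stand-in check are assumptions made for illustration; cache staleness and the checks in 6.5-6.6 are not modeled.

```python
from dataclasses import dataclass, field

# Extensions of the object types the text says every RP must process.
SUPPORTED = {".mft", ".crl", ".cer", ".roa", ".gbr"}

@dataclass
class FetchResult:
    next_section: str                             # "6.5" on success, "6.7" on failure
    warnings: list = field(default_factory=list)  # reasons reported to the operator
    use: dict = field(default_factory=dict)       # objects the RP relies on
    skipped: list = field(default_factory=list)   # eContent not validated
    may_descend: bool = False                     # process subordinate CAs now?

def ext(name):
    return name[name.rfind("."):].lower() if "." in name else ""

def acquire(file_list, retrieved, passes_6488, cache):
    """file_list: names in the manifest; retrieved: name -> bytes from the
    publication point; passes_6488: stand-in callable for the cited validity
    tests; cache: name -> bytes kept from the last successful fetch."""
    reasons = []
    for name in file_list:
        if name not in retrieved:
            reasons.append(f"{name}: listed in manifest, not retrievable")
        elif not passes_6488(name, retrieved[name]):
            reasons.append(f"{name}: failed validity tests")
    if reasons:
        # 6.7: warn, fall back to cached objects, do not fetch subordinates.
        return FetchResult("6.7", warnings=reasons, use=dict(cache))
    res = FetchResult("6.5", may_descend=True)  # still subject to 6.5-6.6
    for name in file_list:
        if ext(name) in SUPPORTED:
            res.use[name] = retrieved[name]
        else:
            res.skipped.append(name)  # 6.4: unknown type is not a failure
    return res

# Constructed sample data (not real RPKI objects).
MANIFEST = ["ca.crl", "child.cer", "as64496.roa", "note.xyz"]
CACHE = {"ca.crl": b"old-crl", "as64496.roa": b"old-roa"}
GOOD = {n: b"ok:" + n.encode() for n in MANIFEST}
check = lambda name, data: data.startswith(b"ok:")

if __name__ == "__main__":
    complete = acquire(MANIFEST, GOOD, check, CACHE)
    print(complete.next_section, sorted(complete.use), complete.skipped)
    partial = {n: d for n, d in GOOD.items() if n != "child.cer"}
    failed = acquire(MANIFEST, partial, check, CACHE)
    print(failed.next_section, failed.warnings, sorted(failed.use))
```

Note that a single missing or invalid listed file moves the whole CA instance to the cached set, while an unrecognized object type only lands in `skipped`.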