[Sidrops] Test objects: ASPA and BGPSec Router Certificate
Tim Bruijnzeels <tim@nlnetlabs.nl> Fri, 22 July 2022 13:02 UTC
Return-Path: <tim@nlnetlabs.nl>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EBD74C14F72D for <sidrops@ietfa.amsl.com>; Fri, 22 Jul 2022 06:02:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nlnetlabs.nl
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FiDvF5RpK3GE for <sidrops@ietfa.amsl.com>; Fri, 22 Jul 2022 06:02:44 -0700 (PDT)
Received: from outbound.soverin.net (outbound.soverin.net [IPv6:2a10:de80:1:4091:b9e9:2215:0:1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B760C14F723 for <sidrops@ietf.org>; Fri, 22 Jul 2022 06:02:43 -0700 (PDT)
Received: from smtp.soverin.net (c04smtp-lb01.int.sover.in [10.10.4.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by outbound.soverin.net (Postfix) with ESMTPS id 4Lq8jq6J6jzM2 for <sidrops@ietf.org>; Fri, 22 Jul 2022 13:02:39 +0000 (UTC)
Received: from smtp.soverin.net (smtp.soverin.net [10.10.4.100]) by soverin.net
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nlnetlabs.nl; s=soverin; t=1658494959; bh=3kz/nAQANW6TSeIPk4XoH30+xdGPNCco1FM2/Fi0Kt4=; h=From:Date:Subject:To:From; b=rjcdCd7TzUsngmX0DPFEdj5Bxqes6psNYPRJBl8Wqhdwqcuaa595NoU62rt2rj5FP GNr3HmZ0NcnG64ic/EkXCPMcS2w+F22VzZKJEwSI9xKWoUg07mKOY88iMySrdS3gVX YfHsIzaMYHfPa3LT6jjl2RAm/v23QuTECPaljhCi6x8LeqdbRoQWkMR3nf8OZTEj53 2M3KnREqvy/nQsUkqVJZwol9r8gKxCbmBRKrwFz87iy32nbiB7v3i4f35gzJHjOSFg e55H3UMvVyiK40IMJCqKlX6PgnGMiC1zm8/lU8qJi2cSkWmCon8/DBTERNPRlUhGZG 7HvKCy3CTLjJA==
From: Tim Bruijnzeels <tim@nlnetlabs.nl>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\))
Date: Fri, 22 Jul 2022 15:02:38 +0200
Message-Id: <DADDAAB3-109E-4B83-A54A-2AAF65E2FA62@nlnetlabs.nl>
To: SIDR Operations WG <sidrops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/DvRqMbOXkhiBDdUCTJU89L4q6LY>
Subject: [Sidrops] Test objects: ASPA and BGPSec Router Certificate
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2022 13:02:49 -0000
Dear WG, I just published a BGPSec Router Certificate and an ASPA object under a test CA in our testbed. The CA uses the following rsync base: rsync://testbed.krill.cloud/repo/local-testbed-child/0/ The TAL for this testbed lives here: https://testbed.krill.cloud/testbed.tal BGPSec: ------- file: ROUTER-00033979-17316903F0671229E8808BA8E8AB0105FA915A07.cer This is valid according to our own probing, but please let me know if you find any issues with it. ASPA: ----- file: AS211321.asa The ASPA file still follows the aspa-profile-08, which I believe is unchanged from what was discussed around the end of 2021. I can change this after consensus has been reached, but it may be helpful to have an actual object to look at. Please let me know if you find any issues with either object. Thanks! Tim
- [Sidrops] Test objects: ASPA and BGPSec Router Ce… Tim Bruijnzeels
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Job Snijders
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Tim Bruijnzeels
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Di Ma
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Tim Bruijnzeels
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Tim Bruijnzeels
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Job Snijders
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Job Snijders
- Re: [Sidrops] Test objects: ASPA and BGPSec Route… Di Ma