IETF Logo Mail Archive

Re: [Sidrops] adopt draft-ymbk-sidrops-rpki-has-no-identity please

Tim Bruijnzeels <tim@nlnetlabs.nl> Thu, 25 March 2021 09:29 UTC

Return-Path: <tim@nlnetlabs.nl>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1111C3A177D for <sidrops@ietfa.amsl.com>; Thu, 25 Mar 2021 02:29:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nlnetlabs.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V7iCsxuJIQPz for <sidrops@ietfa.amsl.com>; Thu, 25 Mar 2021 02:29:10 -0700 (PDT)
Received: from outbound.soverin.net (outbound.soverin.net [116.202.65.215]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDECB3A166F for <sidrops@ietf.org>; Thu, 25 Mar 2021 02:29:05 -0700 (PDT)
Received: from smtp.soverin.net (unknown [10.10.3.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by outbound.soverin.net (Postfix) with ESMTPS id 3F22E60057; Thu, 25 Mar 2021 09:29:03 +0000 (UTC)
Received: from smtp.soverin.net (smtp.soverin.net [159.69.232.142]) by soverin.net
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nlnetlabs.nl; s=soverin; t=1616664541; bh=KFQ/0uzjGOIchtXc0O5dqMdf6q0Wipmhah8MoEOiEUY=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=MDSrstBKtgi42jq3IMmjz88NvaGXz9AMA0XjlpTHbbcs/K0p93BSYzY4YlkhfZmi7 /+0xJnESum6fmiwfQIbTqvnfiRpIJFnM/rXecUsxX8/OcqZ4tCai5uFMJAi/+QaFe8 IqmUCo0u2/q0JPqPis+JoGePh+o9NplmbF4ZabfWqYBHDh6eFloC82YuvRBPUc2oPg azQLPv1knvas0JynJZz3vjErOr1ecaH+sRzYOrOG5pePJTVrOKjacNsV5Iat6FmX5L RAetkPEV44vVs+o9FXQGOj6expvdzja7r9IhpiJeFXnHGKX37easlxwm8Rq+iERaRV XDJN6X4EEBAnA==
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
From: Tim Bruijnzeels <tim@nlnetlabs.nl>
In-Reply-To: <20210325082615.3c3322f5@glaurung.nlnetlabs.nl>
Date: Thu, 25 Mar 2021 10:28:58 +0100
Cc: Randy Bush <randy@psg.com>, SIDR Operations WG <sidrops@ietf.org>, George Michaelson <ggm@algebras.org>, Mikael Abrahamsson <swmike@swm.pp.se>
Content-Transfer-Encoding: quoted-printable
Message-Id: <0B8275A2-E466-403F-BF9A-FA0A876E2FAE@nlnetlabs.nl>
References: <m2ft0sgwfy.wl-randy@psg.com> <alpine.DEB.2.20.2103231615441.21528@uplift.swm.pp.se> <m2pmzpz41r.wl-randy@psg.com> <CAKr6gn2BWm0ZwuqwLc=g7FXgqbt0eqJ3tWJW7BzP=vEn6qCEcA@mail.gmail.com> <m2mtutz3s4.wl-randy@psg.com> <CAKr6gn2YM+5+3BMPUPM0O-C_VP5dprQyOyXkxvAKDhP7tfDbyQ@mail.gmail.com> <m2im5hz2qt.wl-randy@psg.com> <CAKr6gn3m6aBV_PkZQQfnEg2R5M92kfJhvGfAiu-3XW++bdR=1A@mail.gmail.com> <m2ft0lz0h3.wl-randy@psg.com> <alpine.DEB.2.20.2103240715470.21528@uplift.swm.pp.se> <m27dlwzaiz.wl-randy@psg.com> <CAKr6gn2Vr-n=Nh=4ivukLWmHzM52iUWt2F=05tXcSs+M_vXYwQ@mail.gmail.com> <m24kh0xed9.wl-randy@psg.com> <20210325082615.3c3322f5@glaurung.nlnetlabs.nl>
To: Martin Hoffmann <martin@nlnetlabs.nl>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/F8ycPCS91kPVoXvw9rxqWBnJzJM>
Subject: Re: [Sidrops] adopt draft-ymbk-sidrops-rpki-has-no-identity please
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2021 09:29:15 -0000

Dear WG,


> On 25 Mar 2021, at 08:26, Martin Hoffmann <martin@nlnetlabs.nl> wrote:
> 
> Randy Bush wrote:
>> 
>> when
>> the monkey uses its CA access credentials to cause the CA to sign some
>> document/object, it is the primary actor trying to fool you into
>> believing it is a rabbit.
> 
> Keep in mind that these statements are not protecting the issuer but
> the receiver. As such it is the receiver’s task to assess what exactly
> they can reasonably deduce from the statement and if it is fit for
> whatever purpose they use it for.
> 
> In other words, if you believe from a bunch of signed carrots that a
> monkey is a rabbit, that’s on you.
> 
> I don’t think a standalone document stating what a signature derived
> from an RPKI CA means (or, rather, as is the case in the draft, does
> not mean) is necessary. Instead, discussing this in the security
> consideration of the document defining the signed statement will
> suffice. Again, it is on the party accepting these signed statements
> to do their due diligence to protect themselves from liability.

Rabbits aside..

I think the crux of the concern is that:

1. Operators who have been given control over an RPKI CA for routing related assertions such as ROAs, are not necessarily trusted by their organisation to make other statements about the internet number resources that their RPKI CA is authoritative over.

2. Statements about resources could also be made by operators of parent CAs.

And indeed the RPKI is not about identity.

On process:
I believe this is understood by the authors of both the RSC and RTA specs, and I agree with Martin that in as far that it is not clear this should be addressed in the Security Considerations of those documents. If the working group prefers to have a separate document that talks about this, so that the Security Considerations sections can refer to this - as Job has done in the RSC -02 draft, then that is also fine with me. I believe that the objective is to have clarity - so whatever works.

On content:
Indeed it should be clear to receivers of RSC/RTA statements that the assertions could be made by anyone with administrative control over an RPKI CA with the listed resources. They should apply their own due diligence to ensure that signatures are not only valid, but also relevant in their context.

So, in some cases RSC/RTA could be entirely irrelevant, or not authoritative - e.g. a network operator with control over an RPKI CA may not be authoritative to say that an IP prefix can be sold. But, going with the "Bring your own IP" example I expect no such issues: for one it's very much routing related, and secondly I believe that there was a proposal that a cloud provider would use RSC in a way similar to two factor: they would (1) require that a ROA exists, without caring *who* created it - and acknowledging that it could even be a mistakenly created ROA, and then (2) require that a known client confirms the assertion by means of a separate signature over a challenge (eg UUID) for those resources, sent to them over a trusted channel.

The RSC and RTA specs are generalized specifications, so therefore their security considerations can only be generalized as well. An alternative could be to have explicit specifications for each use case, then each specification can clearly define their own considerations and applicability. However, I think that there is value in keeping the generalized RSC/RTA specifications as templates. Much like how RFC 6488 is a "Signed Object Template for the Resource Public Key Infrastructure (RPKI)".


Tim





> 
> -- Martin 
> 
> _______________________________________________
> Sidrops mailing list
> Sidrops@ietf.org
> https://www.ietf.org/mailman/listinfo/sidrops

v2.23.0 | Report a Bug | By Email