Re: [Sidrops] I-D Action: draft-ietf-sidrops-signed-tal-07.txt

Ben Maddison <benm@workonline.africa> Wed, 28 July 2021 21:42 UTC

Date: Wed, 28 Jul 2021 23:42:16 +0200
From: Ben Maddison <benm@workonline.africa>
To: sidrops@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/FAflKELMnWLa16Rw89-LeShIWi8>

Hi all,

Re-iterating the comment that I made during the meeting, as requested...

Including the "revoked" flag *only* in the TAK object published by the
"revoked" TA effectively gives anyone with access to that TA's private
key the ability to resurrect it and/or point RPs to a malicious
successor TA.

Given that a prime motivation for performing a key roll is a suspected
key compromise, it is troubling that the key roll can be reversed by the
compromised key!

Perhaps I am overlooking something?

Cheers,

Ben

On 06/17, internet-drafts@ietf.org wrote:
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the SIDR Operations WG of the IETF.
> 
>         Title           : RPKI Signed Object for Trust Anchor Key
>         Authors         : Carlos Martinez
>                           George G. Michaelson
>                           Tom Harrison
>                           Tim Bruijnzeels
>                           Rob Austein
>         Filename        : draft-ietf-sidrops-signed-tal-07.txt
>         Pages           : 18
>         Date            : 2021-06-17
> 
> Abstract:
>    A Trust Anchor Locator (TAL) is used by Relying Parties (RPs) in the
>    Resource Public Key Infrastructure (RPKI) to locate and validate a
>    Trust Anchor (TA) Certification Authority (CA) certificate used in
>    RPKI validation.  This document defines an RPKI signed object for a
>    Trust Anchor Key (TAK), that can be used by a TA to signal the
>    location(s) of the accompanying CA certificate for the current key to
>    RPs, as well as the successor key and the location(s) of its CA
>    certificate.  This object helps to support both planned and unplanned
>    key rolls without impacting RPKI validation.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-sidrops-signed-tal/
> 
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-sidrops-signed-tal-07.html
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-sidrops-signed-tal-07
> 
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> 
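The concern raised above, as an added toy model that is not code from draft-ietf-sidrops-signed-tal, from the poster, or from any RP implementation. It assumes a simplified TAK carrying (current key, successor key, revoked flag, serial) signed by the current key, simulates signatures with HMAC over a per-key secret so that "holding the private key" means knowing the secret, and models two hypothetical RP policies: one that keeps honouring TAKs from every key it has ever trusted (the reading criticised in the thread) and one, labelled as a hypothetical hardening rather than anything the draft proposes, that treats a roll as one-way. The second scenario shows that one-way transitions alone do not help when the compromised key is used before the honest roll; whoever signs first (or, in the first model, last) wins.

```python
"""Toy model of a trust-anchor key roll signalled by TAK-like objects.

Added illustration; not code from the draft or the poster. Assumptions:
a TAK is (current_key, successor_key, revoked, serial) signed by
current_key; signatures are HMACs over a constructed per-key secret.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed key material. "ta-key-1" is the key presumed compromised,
# "ta-key-2" the honest successor, "evil-key" a key held by whoever
# also holds ta-key-1's secret.
KEY_SECRETS = {
    "ta-key-1": b"constructed-secret-1",
    "ta-key-2": b"constructed-secret-2",
    "evil-key": b"constructed-secret-evil",
}


@dataclass(frozen=True)
class TAK:
    current_key: str
    successor_key: Optional[str]
    revoked: bool
    serial: int
    sig: bytes


def _payload(current_key, successor_key, revoked, serial) -> bytes:
    return f"{current_key}|{successor_key}|{int(revoked)}|{serial}".encode()


def sign_tak(current_key, successor_key, revoked, serial) -> TAK:
    """Issue a TAK; only a holder of current_key's secret can do this."""
    sig = hmac.new(KEY_SECRETS[current_key],
                   _payload(current_key, successor_key, revoked, serial),
                   hashlib.sha256).digest()
    return TAK(current_key, successor_key, revoked, serial, sig)


def verify_tak(tak: TAK) -> bool:
    expected = hmac.new(KEY_SECRETS[tak.current_key],
                        _payload(tak.current_key, tak.successor_key,
                                 tak.revoked, tak.serial),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, tak.sig)


class RelyingParty:
    """Simplified RP state machine (hypothetical, not the draft's rules).

    one_way=False: TAKs from every key the RP has ever trusted are
    honoured, since the only revocation signal is the revoked key's TAK.
    one_way=True: once trust moved to a successor, the predecessor's
    TAKs are ignored (hypothetical hardening).
    """

    def __init__(self, initial_key: str, one_way: bool = False):
        self.trusted = initial_key
        self.known = {initial_key}   # keys whose TAKs this RP processes
        self.retired = set()
        self.last_serial = {}
        self.one_way = one_way

    def process(self, tak: TAK) -> str:
        if not verify_tak(tak) or tak.current_key not in self.known:
            return self.trusted                 # bad signature / unknown signer
        if self.one_way and tak.current_key in self.retired:
            return self.trusted                 # predecessor no longer heard
        if tak.serial <= self.last_serial.get(tak.current_key, -1):
            return self.trusted                 # stale or replayed TAK
        self.last_serial[tak.current_key] = tak.serial
        if tak.revoked and tak.successor_key:
            self.retired.add(tak.current_key)
            self.known.add(tak.successor_key)
            self.trusted = tak.successor_key
        else:
            self.trusted = tak.current_key      # "I am still the current key"
        return self.trusted


def roll_then_reverse(one_way: bool) -> list:
    """Honest roll to ta-key-2, then two TAKs signed with the old key.
    Returns the RP's trusted key after each step."""
    rp = RelyingParty("ta-key-1", one_way=one_way)
    steps = [
        sign_tak("ta-key-1", "ta-key-2", revoked=True, serial=1),  # honest roll
        sign_tak("ta-key-1", None, revoked=False, serial=2),       # resurrection
        sign_tak("ta-key-1", "evil-key", revoked=True, serial=3),  # redirect
    ]
    return [rp.process(t) for t in steps]


def compromise_before_roll(one_way: bool) -> list:
    """Old key points at evil-key before the honest TA rolls."""
    rp = RelyingParty("ta-key-1", one_way=one_way)
    steps = [
        sign_tak("ta-key-1", "evil-key", revoked=True, serial=1),
        sign_tak("ta-key-1", "ta-key-2", revoked=True, serial=2),
    ]
    return [rp.process(t) for t in steps]


if __name__ == "__main__":
    print("roll then reverse, keys stay live:", roll_then_reverse(False))
    print("roll then reverse, one-way:       ", roll_then_reverse(True))
    print("compromise before roll, one-way:  ", compromise_before_roll(True))
```

Running the script shows the RP ending on `ta-key-1` and then `evil-key` in the first model, exactly the reversal the message describes; the one-way variant holds `ta-key-2`, but in the second scenario it locks the RP onto `evil-key` instead, which is why a signal that lives only with the revoked key cannot be repaired by RP-side pinning alone.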