Re: [Sidrops] Éric Vyncke's No Objection on draft-ietf-sidrops-6486bis-09: (with COMMENT)

Russ Housley <housley@vigilsec.com> Mon, 31 January 2022 16:38 UTC

I think this is an improvement.

Russ

> On Jan 31, 2022, at 11:16 AM, Job Snijders <job=40fastly.com@dmarc.ietf.org> wrote:
> 
> Dear Éric,
> 
> I think you raise a "valid" concern (no pun intended ;-))
> 
> I think something along the following lines might help clarify the
> purpose of RPKI Manifests.
> 
> OLD:
>    Specifically, if an RP checks a manifest's contents against the
>    signed objects retrieved from a repository publication point, then
>    the RP can detect "stale" (valid) data and deletion of signed objects.
> 
> NEW:
>    Specifically, if an RP checks a manifest's contents against the
>    signed objects retrieved from a repository publication point, then
>    the RP can detect replay attacks, in-flight modification, or
>    unauthorized deletion of signed objects.
> 
> What do others think?
> 
> Kind regards,
> 
> Job
> 
> On Mon, Jan 31, 2022 at 02:59:31AM -0800, Éric Vyncke via Datatracker wrote:
>> Éric Vyncke has entered the following ballot position for
>> draft-ietf-sidrops-6486bis-09: No Objection
>> 
>> When responding, please keep the subject line intact and reply to all
>> email addresses included in the To and CC lines. (Feel free to cut this
>> introductory paragraph, however.)
>> 
>> 
>> Please refer to https://www.ietf.org/blog/handling-iesg-ballot-positions/
>> for more information about how to handle DISCUSS and COMMENT positions.
>> 
>> 
>> The document, along with other ballot positions, can be found here:
>> https://datatracker.ietf.org/doc/draft-ietf-sidrops-6486bis/
>> 
>> 
>> 
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>> 
>> Thank you for the work put into this document.
>> 
>> Please find below one non-blocking COMMENT point.
>> 
>> Special thanks to Chris Morrow for the shepherd's write-up including the
>> section about the WG consensus (even if I would have appreciated a
>> justification for the PS status).
>> 
>> I hope that this helps to improve the document,
>> 
>> Regards,
>> 
>> -éric
>> 
>> -- Abstract --
>> In "then the RP can detect "stale" (valid) data", is "valid" really the right
>> word to use? I would naively expect "invalid". Or is it just an indication
>> that the data *was* valid and is stale? The use of "(.*)" in the abstract was
>> more to explain the previous word and this use is different and could confuse
>> the reader.
>> 
>> 
>> 
>> _______________________________________________
>> Sidrops mailing list
>> Sidrops@ietf.org
>> https://www.ietf.org/mailman/listinfo/sidrops
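
Added example (not part of the messages above, and not code from draft-ietf-sidrops-6486bis): a simplified sketch of the check the proposed NEW text describes, where an RP compares a manifest's file list with the objects it actually retrieved. The Manifest class, the function name, the finding labels and the sample objects are assumptions made for illustration; validation of the manifest's CMS signature and EE certificate is assumed to have happened already.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class Manifest:
    """Simplified payload of an already-validated manifest (no CMS/ASN.1 parsing)."""
    manifest_number: int
    this_update: datetime
    next_update: datetime
    file_list: dict  # file name -> SHA-256 hex digest of the object


def check_publication_point(mft, fetched, last_seen_number, now):
    """Compare a manifest with the objects retrieved from the publication point.

    fetched maps file name -> raw bytes as downloaded. last_seen_number is the
    manifestNumber of the last manifest this RP accepted for this CA.
    Returns a sorted list of (finding, detail); an empty list means consistent.
    """
    findings = []
    # Replay: an older manifest is served again, or the served one has expired.
    if mft.manifest_number < last_seen_number:
        findings.append(("replay", f"manifestNumber {mft.manifest_number} < {last_seen_number}"))
    if not (mft.this_update <= now <= mft.next_update):
        findings.append(("stale", "now is outside thisUpdate..nextUpdate"))
    for name, expected in mft.file_list.items():
        if name not in fetched:
            findings.append(("deleted", name))    # listed but not retrieved
        elif hashlib.sha256(fetched[name]).hexdigest() != expected:
            findings.append(("modified", name))   # content differs from the listed hash
    for name in fetched.keys() - mft.file_list.keys():
        findings.append(("unlisted", name))       # present but not covered by the manifest
    return sorted(findings)


# Constructed sample data, not real RPKI objects.
ROA_A, ROA_B = b"constructed ROA A", b"constructed ROA B"
SAMPLE = Manifest(
    manifest_number=42,
    this_update=datetime(2022, 1, 31, tzinfo=timezone.utc),
    next_update=datetime(2022, 2, 1, tzinfo=timezone.utc),
    file_list={"a.roa": hashlib.sha256(ROA_A).hexdigest(),
               "b.roa": hashlib.sha256(ROA_B).hexdigest()},
)
NOW = datetime(2022, 1, 31, 12, tzinfo=timezone.utc)

if __name__ == "__main__":
    print(check_publication_point(SAMPLE, {"a.roa": b"tampered"}, 42, NOW))
```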