Re: [Sidrops] what to do when the CRL is hosed?

Oleg Muravskiy <> Wed, 26 February 2020 08:28 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3DFAF3A1086 for <>; Wed, 26 Feb 2020 00:28:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9kG04qzCMw0j for <>; Wed, 26 Feb 2020 00:28:38 -0800 (PST)
Received: from ( [IPv6:2001:67c:2e8:11::c100:1372]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 395B83A1085 for <>; Wed, 26 Feb 2020 00:28:38 -0800 (PST)
Received: from ([]) by with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from <>) id 1j6s3X-000AkQ-IS for; Wed, 26 Feb 2020 09:28:35 +0100
Received: from ([2001:67c:2e8:9::c100:14e6] helo=[IPv6:2001:67c:2e8:1200::279]) by with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from <>) id 1j6s3W-0002GZ-E0; Wed, 26 Feb 2020 09:28:34 +0100
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.\))
From: Oleg Muravskiy <>
In-Reply-To: <>
Date: Wed, 26 Feb 2020 09:28:33 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <>
To: SIDR Operations WG <>
X-Mailer: Apple Mail (2.3608.
X-ACL-Warn: Delaying message
X-RIPE-Signature: c408758d4ce2e8eb06762a65a3365b74f827bbda451a15ec68e00dc1054d1474
Archived-At: <>
Subject: Re: [Sidrops] what to do when the CRL is hosed?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 26 Feb 2020 08:28:39 -0000

I tend to agree with Steve and George that manifests could not replace CRLs. And while the rfc5280/section-6.3 only demands to fetch the (time-wise) valid CRL and does not specify what to do if that isn’t possible, my interpretation of this section is that the validator should not accept/ignore a CRL past its validity period.

With regard to manifests, the number of inconsistencies between the content of a manifest and a repository, the absence of rules of how to handle these inconsistencies, and as a result, the complexity of processing manifests during validation is much higher than the complexity of processing the CRL. I would rather get rid of manifests after fully transitioning to RRDP than putting more responsibilities on manifests.

But this is of course me as a software developer speaking. The decision should be made by operators.