[Sidrops] Re: Mike Bishop's No Objection on draft-ietf-sidrops-manifest-numbers-08: (with COMMENT)
Job Snijders <job@bsd.nl> Tue, 13 January 2026 09:53 UTC
Return-Path: <job@instituut.net>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id F2388A6EA32F for <sidrops@mail2.ietf.org>; Tue, 13 Jan 2026 01:53:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.877
X-Spam-Level:
X-Spam-Status: No, score=-1.877 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.017, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id liERhDS_LZpE for <sidrops@mail2.ietf.org>; Tue, 13 Jan 2026 01:53:02 -0800 (PST)
Received: from mail-ej1-f54.google.com (mail-ej1-f54.google.com [209.85.218.54]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 82126A6EA317 for <sidrops@ietf.org>; Tue, 13 Jan 2026 01:53:01 -0800 (PST)
Received: by mail-ej1-f54.google.com with SMTP id a640c23a62f3a-b872de50c91so208130966b.2 for <sidrops@ietf.org>; Tue, 13 Jan 2026 01:53:01 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768297975; x=1768902775; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=UzMztdErPIvj4SZX42HUluVMvzJdXvPEdEhgHeanFP8=; b=hVVBONPS6TbOK3kI5LXEz0yhncQdbeXxS9I6PhWLaOWgTS6kGJreXK049Fg/CMCHdk bPu2Q+KdzbsRuCaFptmEnAQgRw9T0oWM4wPleoppWrLiZWDanrST+dGo8HvAGeclSm6d mmDKLxb20bs/A/93CVDlVZRJoTeUYMKGB2W/p4nWhWDNFc9bwTrlz2KAZPaQvfUoagLN bIXHQ30gPcVxLhFIavLoVii6wCWDu1aCBImhT7QSCaboNERGrXEZHGaJcrR43bTlMWay dH880kVKiimQtdc/GyM5qLN0Rbky/vEPrVaY39Ws+7eEsFA4K2+E/SUG+PMETQgOShTF lumA==
X-Forwarded-Encrypted: i=1; AJvYcCW7vM/1La8IdhdsRTawDliztxnQlMhLv4sHfKNKCO0/pJML/c/NunelbTFm+O/zIqHEANHCcuBs@ietf.org
X-Gm-Message-State: AOJu0YxmPLti14Nvubo7wcbUGh2etlegn28aZYVKk+zee78Rj2gSXI0i T9EiBvwnAvRtza8YG4mMblylD4UhonOOjhlQYwTLpGQf3pt7rd+GowxMVyyaBil0WAk=
X-Gm-Gg: AY/fxX4VacbubIzHpVFFrHN/6YyxWvXgvbajHvF9sM4oFPt3s8J6HESDu84HmFAnsBR uWoMrkALqs3Q2KvGcp2ntOazwonQYGntnp/a0jXUYBIOcMJrb97kDk90TRMIV/qk4ev91XiPJJ3 TCIUiXbzrU29Cy5pvdvOTy0pgUMfxBV40ozXF70Kdj4GK0t4Wn5hPrq+rdQK7ASYcUG/JnGiD8z E75byOGP3Slq8yD9kLbdmjPAw5+X7wy3uS6BfWes3t0Oo830Jmn4NzrrebW+MGSbDBGmyJkxtvT UUl7Qyu8REQGMxLslz2kYbItfd8V1lkjGdz3a4cFG03HV7P2iAUN1sUt0FSm7UvIhyKOGthv/Rw ZToCQp1ZOJHmJi8+po3ybX1Ic/YB+g1TRUWlgHogjBGt2PwsmrTGw5UczqRaWeoz2OtoCvtbLa5 AbScH5OovuzKiEPRMNDUt3TOYe4ldrLjvpxcGR8KCNqYRCQQbJ1rrXBgx1DSp8co00DHhlaGz/Y Ve/pf/7fNNEnt8jZvX/ct8uCMyrtleoLrju/0TxvWZGurbyTciz9U8v5Lpi/J18UtT3YxezaHam gRwix4c=
X-Google-Smtp-Source: AGHT+IEMNnlkVyQ2RMrnXsqcxQw33sKYGKnGKPFkELDrfnZi2ZZGo9JnikG5KzIZkORhtiIaEjW5sQ==
X-Received: by 2002:a17:907:9283:b0:b76:3399:457b with SMTP id a640c23a62f3a-b84453a18a9mr1832307366b.37.1768297974649; Tue, 13 Jan 2026 01:52:54 -0800 (PST)
Received: from feather.sobornost.net ([192.147.168.2]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-b86f0d6d7c6sm975334366b.42.2026.01.13.01.52.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 13 Jan 2026 01:52:54 -0800 (PST)
Date: Tue, 13 Jan 2026 09:52:52 +0000
From: Job Snijders <job@bsd.nl>
To: Mike Bishop <mbishop@evequefou.be>, The IESG <iesg@ietf.org>, draft-ietf-sidrops-manifest-numbers@ietf.org, sidrops-chairs@ietf.org, sidrops@ietf.org, ggx@gigix.net
Message-ID: <aWYV9J7PAoWtgkbY@feather.sobornost.net>
References: <175572126181.878732.4853602693859362747@dt-datatracker-d8bcd59c-frtgg> <aWXn0qQf4aJ5RmBs@TomH-498551.lan>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <aWXn0qQf4aJ5RmBs@TomH-498551.lan>
X-Clacks-Overhead: GNU Erik Bais
Message-ID-Hash: KPRTOCBKFKBP2XJRLLIEXHLGFWBL4XKA
X-Message-ID-Hash: KPRTOCBKFKBP2XJRLLIEXHLGFWBL4XKA
X-MailFrom: job@instituut.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: Mike Bishop's No Objection on draft-ietf-sidrops-manifest-numbers-08: (with COMMENT)
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/VFo4gmyAiEwgoZOqYRSuH3U24f0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>
Dear Mike, all, Mike - thank you for the review. On Tue, Jan 13, 2026 at 04:36:02PM +1000, Tom Harrison wrote: > On Wed, Aug 20, 2025 at 01:21:01PM -0700, Mike Bishop via Datatracker wrote: > > With regard to the SHOULD NOT change filenames, I will note that one > > common versioning approach in some areas is to give every version a > > unique filename which will never change (immutable), such that all > > prior versions can be retrieved if needed. Thus, I can conceive of a > > CA that chooses to change the filename with each new manifest, such > > that the old manifests remain available for comparison purposes. If > > the filename is no longer considered a security mechanism, it's > > unclear that this deployment pattern needs to be discouraged. > > On this topic, all known CA implementations use stable filenames for > manifests, and most follow the guidance in > https://www.rfc-editor.org/rfc/rfc6481.html#section-2.2 about using a > value derived from the public key of the CA. We think that the chance > of there being a CA using an alternative approach is sufficiently low > that it's not necessary to expand on this point in the document. I'd like to add a small elaboration here - The practical reason "stable filenames" are used is that Manifests are referenced from the issuer's CA certificate BY NAME. The implication is that in a scheme where a new filename is used for each new manifest, the parent certificate would also need to be reissued to update this named reference... (and its parent's parent manifest & CA certificate, recursively until the Trust Anchor itself). In other words, "unstable manifest filenames" as a general practise would negatively impact the RPKI's scalability. Kind regards, Job
- [Sidrops] Mike Bishop's No Objection on draft-iet… Mike Bishop via Datatracker
- [Sidrops] Re: Mike Bishop's No Objection on draft… Tom Harrison
- [Sidrops] Re: Mike Bishop's No Objection on draft… Job Snijders