Re: [Sidrops] proposed, revised text for Section 6

Stephen Kent <stkent@verizon.net> Wed, 06 May 2020 20:10 UTC

Return-Path: <stkent@verizon.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C57F3A0AFE for <sidrops@ietfa.amsl.com>; Wed, 6 May 2020 13:10:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verizon.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hUjx7c9hXe-m for <sidrops@ietfa.amsl.com>; Wed, 6 May 2020 13:10:46 -0700 (PDT)
Received: from sonic317-26.consmr.mail.bf2.yahoo.com (sonic317-26.consmr.mail.bf2.yahoo.com [74.6.129.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6797A3A0AFB for <sidrops@ietf.org>; Wed, 6 May 2020 13:10:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=verizon.net; s=a2048; t=1588795845; bh=cyOBp4z82KlSOUOqYRUfcQFiWSxDhyXb3kxtASBb7tM=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=EXctTtzPbxg4iKc7qhO+dB6TV+yCGsc2pQKORtX57SVKrCtGTtnfFoXu8N6VgtaFrBF7pYFEtyVNzMB+e6H806ZqMm5TpmFfn/UN68PINwMGthdXBlk9qM1unQeyC2AyvL1cTfCzk2UC9FMINw9WaDuNKApvOsIXVMPA6H2yjhNSWfGYSfisNp8B2i95AZVcfpBAnXZP3qXaPq+TcixVU2hEQJuiz/v2b37ELtM/n4uHGMypFWga15X8oVG8jNYRqS2OAEgcZWGH6gz4E78YL7JrYlg4AF5eVsi78L5QuJUui+3pjPrVw0wTTgIcWGI1T0eEakiNjzEkK60+9QTxew==
X-YMail-OSG: Xkay0z8VM1n3wm5Z0fupzQwuR.otjaSXA4cIRsoAhq02UBHj_e3E0r6dxB.7jgl RnnpcVY0c9RX_GLPUrVSbqwReHP3mpxAZbi84t0UFxQZIhBhKDs0NggsvcvBgg4AWnvCqO3NLbon 6cEVsDmUEsunC9lq9_W3n8NlTUn7KqiI5Eq5Z5Hc6ixc6CPJRavebomCx1WmG8jORTaZdDmUjCmY WKuInwR5RrwnY.2Dziy63Vd8W2Jy6bYmluf_b_dwTvj3GMnz.txQ0m2vxZzxiBMElJYbNMgU6Ouj xdDsK81MO5jh1A3QudFnHn1lPNcrOIgenxdSJykOG2wndZM.v7cRntuTGNqdfeSMn3FEDON68YT5 IPF1ppoOHTfiR2Rkaz4rJ6hjcB2uoQHIMgOJZB3i_2B.GUbaUNY32Jb.vGVswNM83mqKQa.pxBoa gm5ws_8Mt3fCPecKuGdEpWqr8wvwwqpOFeHcO0X402FzzScwurV2Jt3BX_E66vDuIRNemGzuV31l JxwwHbrHWAgblUzmGPeldC0f0IE6AIaM66CoeZEjx51vYk7RLNguE.rOG5_e9FUq4WjQNt7fZ0ad JskOZYBUos2LedeFet2BiNAZMM8aSOhadqUoCLG1kFHYqmYnD3jyjQlt87v7T6UyJKTnboB8PWTs Ma1zA9AbBB77krPLfGqcfZ_HFUVgXugW9v.Iz0R2Aa3bOefOuGxE39musW8LmzbycYbdts2UeeaK 3or4jGvKzWSODmkcXPZRdmiz3DjE0IMJWOduSqRiHleAVHNpiw7inCE.mzQnN0RvDjqVeOPZ2V1I QV6vzrtA7U5CcgrFpP0gGmTnMZlZTA77WLWdYV8WEzejoQaw.mw8ySsyWVqKVxgAZ7kQZXUmQE6r Y2t8ryIpoVKneLRYnaI5G9QjivtPWwKd1KppYhiJhTdfEtofZ8_qPokrftqKmq1YxxflJzj2hjaS HifyA0utxRCNsYdvSk3yL.TAWjlS29Bwr5Kf.StHFylGaC0o3z4sIXYSKSiHWTsEtVr0CdLotStU Kn4IM7e4tVEQTB.yLJF8a44CxR2WjEZ2WXgDIBurP3LEfD9D3Zs504iQVS8uUsLQteYNlcSQtpli YrZK9Ll5U67.KE38Hfffkjx4EBWmswk3Xagsx1sEVY_WkEHz378mygo8gHrnewd.E.XYFefJhtV5 HACgQobkdIe57IPEcgjVzc78WE4RpZbGgB4r05_XkVFc9iPBWe6bD04hJHRauXAglYe0rjss2ptC Wb_kOMLjIaFP8BypQn.dlbNbGlS3R224lvyq1txrViqM2QXin9Bj0Pwat0RcyiOyH7VQAr1KAq_z LtbPuEUG_uHpOc61N4kcBi2zj8AhwCqq_MfUHHxQ_xrUKWVHzq6xRv9ShcQK1JKpxhTUMkp6y3dL SsjMpYFFjHlNTbb0bTBY9NT7nDpTT8eHTusHkreg5QjLbHrE9uVE-
Received: from sonic.gate.mail.ne1.yahoo.com by sonic317.consmr.mail.bf2.yahoo.com with HTTP; Wed, 6 May 2020 20:10:45 +0000
Received: by smtp427.mail.bf1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID ddffa0210a83c22c6f2ca0e78990e46b; Wed, 06 May 2020 20:10:43 +0000 (UTC)
To: sidrops@ietf.org
References: <557f0928-c7b1-4b8d-b3b6-078733f7ef8a.ref@verizon.net> <557f0928-c7b1-4b8d-b3b6-078733f7ef8a@verizon.net> <CAKr6gn29namLq5qq6WhhveT+6r7vC8W9SmwPcNP_un93GWmP9A@mail.gmail.com> <7355e27e-ee58-f84b-4fed-9674ae542d94@verizon.net> <m2pnbim4a3.wl-randy@psg.com> <730ce7ed-928b-19e6-cfa3-a5a2eddb03df@verizon.net> <24243.5147.589924.749920@oz.mt.att.com>
From: Stephen Kent <stkent@verizon.net>
Message-ID: <35eb5a4d-9234-288c-6a19-5cdfe02ea0e3@verizon.net>
Date: Wed, 6 May 2020 16:10:42 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:68.0) Gecko/20100101 Thunderbird/68.7.0
MIME-Version: 1.0
In-Reply-To: <24243.5147.589924.749920@oz.mt.att.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Mailer: WebService/1.1.15756 hermes Apache-HttpAsyncClient/4.1.4 (Java/11.0.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/VU6Uh9E4x-Cwpo_uPJSsoA6mIk8>
Subject: Re: [Sidrops] proposed, revised text for Section 6
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 May 2020 20:10:48 -0000

jay,
> Stephen Kent writes:
>   > These are all valid questions. The WG needs to decide if per-RP
>   > variance, based on fetch timing, local cache failure, etc. meets the
>   > goal of uniform RP processing of RPKI data. I am agnostic on this point.
>   >
>
> Recently I had attempted to gauge if there was WG consensus along
> these lines:
>
>     Each validation run of each RP MUST generate the same set of
>     Validated ROA Payloads (VRPs) when presented with identical input,
>     using unexpired records from the most recent successful retrieval
>     to deal only with complete failure to retrieve from a PP.
>
> Now I have come around to agree with Job's perspective that coarse
> behavior like 'rsync --delete' is not what RPs should do.
>
> An RP should not assume that objects missing in any PP retrieval are
> the fault of the responsible CA.  The objects could be missing due to
> fault of the CA, problems reaching the PP, or other potential causes,
> and the RP cannot know which one it was.  If the RP's cached objects
> can fill in the gaps, that's great.
I am revising the text to mandate use of an RP's cache to fill in for 
missing or damaged files.
> Thus I now feel the straw proposal I offered above is too restrictive.
> I would still want different RP implementations to be 'deterministic'
> such that they produce the same VRPs, but only when operating on an
> identical local cache (including an empty cache as one important case).

OK.

Steve