Re: [Sidrops] request for call for Working Group adoption draft-spaghetti-sidrops-rpki-validation-update

Job Snijders <> Wed, 10 March 2021 15:54 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 50AF43A1219 for <>; Wed, 10 Mar 2021 07:54:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id KPJxYbj9OD4A for <>; Wed, 10 Mar 2021 07:54:27 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4864:20::634]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D95BB3A11C7 for <>; Wed, 10 Mar 2021 07:54:26 -0800 (PST)
Received: by with SMTP id ox4so24052116ejb.11 for <>; Wed, 10 Mar 2021 07:54:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=date:from:to:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=tewCqp9HAmnv7MqHMSFQjBaqJNwWD4SBz789ddiKnT4=; b=F50cqRK9mmWEn6Bsj+ST02UhA43dbarJwo+UP63628XOltlwr+zFEefbuynMEWUkKB HG6u2/2ZHkMmYzLqqddrJJeO25C2BWR/dnGQa6qXqQwFQ0DVm2jpEnKAfOHl/Smqu4u1 FSHiQd5NqTMhRbgpqiiWytkNmdwpTmwDWX6jg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=tewCqp9HAmnv7MqHMSFQjBaqJNwWD4SBz789ddiKnT4=; b=ExTgykURMTUBjZ9cY8wtWclZG5oDWOtqpcpnO9jn2VXPX7NgOdoM0ZJPZuIr6oxgkx eKayMPGjmLfb+GZa4MJCrSkz16ZR9ooUHsLAGLlnKUbE4/Ku2ZYnPR/RQzyZuLKNcDf0 9BCafW2K5ePXDDDOdlaeP+cntHh5mvXTaXcK4KSaRUSFuCsdGNu39wDcctCvXICEcMLS 3qt9YHakg7fKg4/R5iGgsoNFITOgeKfSe0M2yQlRw+Dk8YtCiZhhOrwH7r/ctcQlL6eK +S4tUF8ssAKdcArfTYDVkuMp4kKDEKd7sdGNrvGt1fUrDbyG86pI5VwaiNxIcB/IO1BR yTOA==
X-Gm-Message-State: AOAM530PrXijtb6OtyFHKZUEkGEwMssggvFmMy4Yf/RDDqORVxCTj0sD /kp/4qDr9z+FwXYgumfSmBgV4rskeHjgtCLd7MGoDlui60tNbf6XYNTndwj5lhnyYw5+Gqoqqtx v2qBLFvlknAcf/jQRAhRIik6HaGeWYPbtl+WbmcGnHTKVyXaTLJkPuQ0=
X-Google-Smtp-Source: ABdhPJzSceeWa2nf6PSxL/pwi5Xo4svPj7ASLrfBm+DuLbsrOn30/KSxtUkS/4gs39QPE95MHwiaZQ==
X-Received: by 2002:a17:906:1448:: with SMTP id q8mr4369559ejc.449.1615391665091; Wed, 10 Mar 2021 07:54:25 -0800 (PST)
Received: from snel ([2a10:3781:276:0:21e:c2ff:fefb:f388]) by with ESMTPSA id r13sm11104301edy.3.2021. (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 10 Mar 2021 07:54:24 -0800 (PST)
Date: Wed, 10 Mar 2021 16:54:23 +0100
From: Job Snijders <>
Message-ID: <YEjrr9IKijX1+5We@snel>
References: <YEjILk/5hwwX/x9P@snel> <>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <>
Subject: Re: [Sidrops] request for call for Working Group adoption draft-spaghetti-sidrops-rpki-validation-update
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 10 Mar 2021 15:54:28 -0000

On Wed, Mar 10, 2021 at 06:03:51AM -0800, Randy Bush wrote:
> > I'd like to request the chairs to consider initiating a call for
> > working group adoption of draft-spaghetti-sidrops-rpki-validation-update
> this is a protocol change and a serious one, and hence does not belong
> in an ops group

There is ongoing operational problem: the original validation algorithm
is lacking. A fix is feasible, and even better: the fix is incrementally

Not adopting this draft might be perceived as an attempt to stiffle
discussion, but would not prevent RP developers from incorporating
improvements which benefit themselves and the users. The IETF's power is
somewhat limited in that regard.

Of course it is fair game to try a tactic like "this is out of scope",
however such sentences do not change the operational reality of the
situation that there is a fundamental problem in the current validation
algorithm ...  for which 'ops' people see a viable path forward. 

Kind regards,


ps. Does anyone on the sidrops@ list have commit access to the OpenSSL
code repository?