Re: [Sidrops] request for feedback draft-spaghetti-sidrops-rpki-asgroup-00

Russ Housley <housley@vigilsec.com> Tue, 22 November 2022 18:44 UTC

I just took a look at the ASN.1 in the draft.

In section 4.1, this looks like a cut-and-paste error:

   ct-rpkiSignedGrouping CONTENT-TYPE ::=
     { TYPE RpkiSignedGrouping
       IDENTIFIED BY id-ct-rpkiSignedGrouping }

   id-ct-signedChecklist OBJECT IDENTIFIER ::=
     { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
       pkcs-9(9) id-smime(16) id-ct(1) TBD }

I think that "id-ct-signedChecklist" should be "id-ct-rpkiSignedGrouping".

In section 4.2, this looks like another cut-and-paste error:

   ct-rpkiSignedGroupingOptOut CONTENT-TYPE ::=
     { TYPE RpkiSignedGrouping
       IDENTIFIED BY id-ct-rpkiSignedGroupingOptOut }

I think the TYPE should be RpkiSignedGroupingOptOut.

While there is nothing wrong with using two ASN.1 modules, you can define both of these content types in one ASN.1 module for simplicity.

Russ
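
As an added example (not part of the message or of the draft), here is a small Python lint that catches both kinds of cut-and-paste slip pointed out above. It assumes the naming convention visible in the quoted snippets (`ct-fooBar`, `TYPE FooBar`, `id-ct-fooBar`); the function name `lint_content_types` and the marked OptOut OID line in the sample are constructed for illustration.

```python
import re

# Constructed sample: the definitions quoted in the message, plus one line
# (marked) that the message does not quote and is assumed for illustration.
DRAFT_ASN1 = """
ct-rpkiSignedGrouping CONTENT-TYPE ::=
  { TYPE RpkiSignedGrouping
    IDENTIFIED BY id-ct-rpkiSignedGrouping }

id-ct-signedChecklist OBJECT IDENTIFIER ::=
  { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
    pkcs-9(9) id-smime(16) id-ct(1) TBD }

ct-rpkiSignedGroupingOptOut CONTENT-TYPE ::=
  { TYPE RpkiSignedGrouping
    IDENTIFIED BY id-ct-rpkiSignedGroupingOptOut }

-- assumed, not quoted in the message:
id-ct-rpkiSignedGroupingOptOut OBJECT IDENTIFIER ::=
  { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
    pkcs-9(9) id-smime(16) id-ct(1) TBD }
"""

CT_DEF = re.compile(r"(?m)^\s*ct-([\w-]+)\s+CONTENT-TYPE\s*::=\s*\{\s*TYPE\s+"
                    r"([\w-]+)\s+IDENTIFIED\s+BY\s+([\w-]+)\s*\}")
OID_DEF = re.compile(r"(?m)^\s*([\w-]+)\s+OBJECT\s+IDENTIFIER\s*::=")

def lint_content_types(asn1_text):
    """Return (name, problem) pairs for ct-/TYPE/id-ct- inconsistencies."""
    text = re.sub(r"--.*", "", asn1_text)          # drop ASN.1 comments
    defined = set(OID_DEF.findall(text))
    referenced, findings = set(), []
    for name, type_ref, oid_ref in CT_DEF.findall(text):
        obj = "ct-" + name
        referenced.add(oid_ref)
        expected_type = name[0].upper() + name[1:]  # ct-fooBar -> FooBar
        if type_ref != expected_type:
            findings.append((obj, f"TYPE {type_ref}, expected {expected_type}"))
        if oid_ref != "id-" + obj:                  # ct-fooBar -> id-ct-fooBar
            findings.append((obj, f"IDENTIFIED BY {oid_ref}, expected id-{obj}"))
        if oid_ref not in defined:
            findings.append((obj, f"{oid_ref} is never defined"))
    # A content-type OID nobody references is likely a misnamed definition.
    for oid in sorted(o for o in defined - referenced if o.startswith("id-ct-")):
        findings.append((oid, "defined but not referenced by any CONTENT-TYPE"))
    return findings

if __name__ == "__main__":
    for name, problem in lint_content_types(DRAFT_ASN1):
        print(f"{name}: {problem}")
```

The "never defined" and "defined but not referenced" findings together point at the misnamed OID; the TYPE finding points at the section 4.2 slip.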