Re: [Sidrops] Ben Campbell's No Objection on draft-ietf-sidrops-rtr-keying-03: (with COMMENT)

Randy Bush <randy@psg.com> Wed, 23 January 2019 04:31 UTC

Date: Tue, 22 Jan 2019 20:31:41 -0800
Message-ID: <m2muns9eqa.wl-randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Ben Campbell <ben@nostrum.com>
Cc: The IESG <iesg@ietf.org>, SIDR Operations WG <sidrops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/_oW8tmgNIFfjtDtdqwWeL1XVOLY>

on the issue of uploading private keys.  how the wg got where we are.
essentially, we made the mistake of letting operators in.

it's 2am.  the bleeping device melted.  a new key generated by a
replacement device will take a good while to get into the rpki and then
many more hours to get into everybody's bgpsec validation key caches
around the planet [ask geoff why he insisted he did not have to publish
more frequently than once a day].  and by 3am, people with shiny shoes
will be giving the op snake eyes that customers in tbilisi can't give
them money online right now.  when the op tells them it will be tomorrow
afternoon, it is usually referred to as a resume generating event.

randy