Re: [Sidrops] About the use of manifests (follow-up from Apr Interim meeting)

Christopher Morrow <christopher.morrow@gmail.com> Mon, 04 May 2020 15:31 UTC

From: Christopher Morrow <christopher.morrow@gmail.com>
Date: Mon, 04 May 2020 11:31:21 -0400
Message-ID: <CAL9jLaZECBz7VALZYvXrYkYsC793bsO7N4otL0-xJU5iF=YocA@mail.gmail.com>
To: Stephen Kent <stkent=40verizon.net@dmarc.ietf.org>
Cc: Job Snijders <job@ntt.net>, SIDR Operations WG <sidrops@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/fo_j4Sm7OpbUZ65nM_erxuYaoWw>

On Mon, May 4, 2020 at 8:07 AM Stephen Kent
<stkent=40verizon.net@dmarc.ietf.org> wrote:
>
> Job,
> > On Sun, May 03, 2020 at 03:56:22PM -0400, Stephen Kent wrote:
> >> Yes, Section 6 of RFC 6486.
> >>
> >> I believe that most of the changes will arise in 6.2, 6.3, 6.4, 6.5, and
> >> 6.6.
> > The current draft (draft-spaghetti-sidrops-rpki-manifest-validation-00)
> > replaces Section 6 entirely. I don't know if that aligns with IETF
> > etiquette and it has to be done paragraph by paragraph, but I hope this
> > helps clarify our thinking.
>
> I'll see what my co-authors think, but I'm more of an angle hair past
> guy myself :-)

did you mean 'angel hair pasta' ? :) (which I agree, far better than
that gross fat worm pasta... but...)

>
> I think most of 6.1 is OK and I plan to reuse most of it in the rev. The
> ambiguity arises in the discussion of what an RP SHOULD/MUST do when an
> object is missing or in error, which is what the latter parts of Section
> 6 address.

I think this was the meat of the previous discussion:
  "originally we left a lot of wiggle room, because <reasons>"

and today/now:
  "uhm, leaving this much wiggle room was ... oops! folk would REALLY
   like to understand the tradeoffs in a succinct manner (that does
   not require phd in pkix) and some better guidelines on what they
   should set as default behavior that can/will set a base
   security/safety level for their deployment."

which I think is the goal of Job's draft? I understood from previous
email conversations on the WG list that the previous author set was
happy to suggest improvements but had no time/$$ for the full edit
job?

Is there now time/$$ for the editoring to happen?
(maybe I'm confused, which totally could be the case)

-chris
(off reading current draft:
https://tools.ietf.org/id/draft-spaghetti-sidrops-rpki-manifest-validation-00.txt)
>
> Steve