Re: [Sidrops] feedback on draft-michaelson-rpki-rta

Claudio Jeker <> Tue, 29 December 2020 10:14 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3E07A3A134B for <>; Tue, 29 Dec 2020 02:14:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.894
X-Spam-Status: No, score=-1.894 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hpLnkpTV-RSn for <>; Tue, 29 Dec 2020 02:14:20 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 15FA83A134C for <>; Tue, 29 Dec 2020 02:14:19 -0800 (PST)
Received: (qmail 46778 invoked by uid 1000); 29 Dec 2020 10:14:12 -0000
Date: Tue, 29 Dec 2020 11:14:12 +0100
From: Claudio Jeker <>
To: Job Snijders <>
Message-ID: <>
References: <X+d3+e5Rj/>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <X+d3+e5Rj/>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <>
Subject: Re: [Sidrops] feedback on draft-michaelson-rpki-rta
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 29 Dec 2020 10:14:23 -0000

On Sat, Dec 26, 2020 at 05:50:49PM +0000, Job Snijders wrote:
> Dear group,
> Reading draft-michaelson-rpki-rta-02 while writing some work-in-progress
> code, I have some suggestions that hopefully improve the ease of use
> of RTAs. WIP:

I checked your diff and the draft. I think one thing in the draft. There
is a big issue with the fact that RTA can be cross signed by multiple
certs. No other resource in RPKI does that and it causes some issues with
the validation process. Until now each CA repo could be checked
independently once ready but now RTA files suddenly have interdependencies
that need special attention. I would like to know why this complication is
needed for RTA - what is the actual use case where multiple signers are
necessary. I currently don't see why this is required (especially since
the resources (ASnum and IP blocks) need to be allowed by all those CA

Your diff needs some work to actually do the full validation. We should
not punt this off to 3rd party. Also in rta_parse() the calloc uses a
wrong sizeof() rta instead of roa (or better just use sizeof(*p.res)).

RFCs like this need some demo resources to play with.
:wq Claudio