[Sidrops] Opsdir last call review of draft-ietf-sidrops-rpki-tree-validation-02

Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de> Thu, 09 August 2018 20:01 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Jürgen Schönwälder <j.schoenwaelder@jacobs-university.de>
To: ops-dir@ietf.org
Cc: sidrops@ietf.org, ietf@ietf.org, draft-ietf-sidrops-rpki-tree-validation.all@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <153384489210.28635.11096824147990448991@ietfa.amsl.com>
Date: Thu, 09 Aug 2018 13:01:32 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/p8m3M9aF4cFfLFCcXJW3FHE4KHc>
Subject: [Sidrops] Opsdir last call review of draft-ietf-sidrops-rpki-tree-validation-02

Reviewer: Jürgen Schönwälder
Review result: Ready

This is an informational draft documenting a specific algorithm
used to validate RPKI certificate trees. The draft is well
written	and appears to be technically sound.

The code of the RIPE NCC implementation can be found on github
(follow the reference [github] contained in the draft). The README
on github says that there is a newer rpki-validator-3 and it is
somewhat unclear whether the algorithm described in this I-D is also
used by rpki-validator-3 or whether this I-D documents an algorithm
used by a meanwhile "legacy" implementation. I understand that this
I-D took almost 6 years from the initial -00 version to IETF last
call. Anyway, it may help if the github READMEs will eventually refer
to the RFC version of this I-D and explain to what extend the code
follows the algorithm detailed in this document. So this is more a
comment to the RIPE NCC maintainers of the github repository.

Nits:

- draft-ietf-sidr-rpki-validation-reconsidered-10 is now RFC 8360
- draft-ietf-sidr-delta-protocol-08 is now RFC 8182

[Sidrops] Opsdir last call review of draft-ietf-s… Jürgen Schönwälder