Re: [Sidrops] WGLC: draft-ietf-sidrops-https-tal-03 - ENDS 22 June 2018

Tim Bruijnzeels <tim@nlnetlabs.nl> Wed, 13 June 2018 08:43 UTC

From: Tim Bruijnzeels <tim@nlnetlabs.nl>
In-Reply-To: <20180610092508.GB30348@vurt.meerval.net>
Date: Wed, 13 Jun 2018 10:43:36 +0200
Cc: Chris Morrow <morrowc@ops-netman.net>, sidrops-chairs@ietf.org, sidrops@ietf.org, sidrops-ads@ietf.org
Message-Id: <B4BCA1F1-D9FE-47D1-B2E4-88C027DBC4EA@nlnetlabs.nl>
References: <yj9ozi05fl3t.wl-morrowc@ops-netman.net> <20180610092508.GB30348@vurt.meerval.net>
To: Job Snijders <job@instituut.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/qegBv117tTk9Xshc2gIHPTEGJ_Q>

Hi Job, all,

First off: I will be offline for the coming two weeks until 2 July, so don’t take lack of responses from me personally ;) I realise this is not convenient during last call, but other co-authors can comment as well of course.


> On 10 Jun 2018, at 11:25, Job Snijders <job@instituut.net> wrote:
> 
> On Fri, Jun 08, 2018 at 09:45:10AM -0400, Chris Morrow wrote:
>> The authors of: draft-ietf-sidrops-https-tal-03 would like the WG to
>> consider a WGLC of their document, abstract:
>> 
>>  "This document defines a Trust Anchor Locator (TAL) for the Resource
>>   Public Key Infrastructure (RPKI).  This document obsoletes RFC 7730
>>   by adding support for HTTPS URIs in a TAL."
>> 
>> Please have a read through the document and send along
>> comments/questions/additions/subtractions so the authors can amend if
>> required with the intent to move this document along the proper path
>> in short order.
> 
> Read. I support publication.
> 
> Nits:
> 
> 1/ "one of more" should perhaps be "one or more"?

ack

> 
> 2/  OLD: "However, a MITM can perform withhold or replay attacks
> targeting a Relying Party and keep the Relying Party from learning about
> an update CA certificate."
> 
> PERHAPS: "However, a MITM attack can be performed to prevent the Relying
> Party from learning about an updated CA certificate."
> 

I am okay with your text, but the ‘OLD’ text is more explicit about how the MITM can affect the RP. This text was mostly stolen from the delta protocol:
https://tools.ietf.org/html/rfc8182#section-4.3

And that went through some revisions in the IESG.

I don’t have strong feelings either way as long as it’s clear to readers.

Kind regards,

Tim

> Kind regards,
> 
> Job
> 
> _______________________________________________
> Sidrops mailing list
> Sidrops@ietf.org
> https://www.ietf.org/mailman/listinfo/sidrops
>
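The point the thread is circling (what a MITM on an https:// or rsync:// TAL URI can and cannot do) is easier to see with the Relying Party's own check written out. The following is an added example, not code from the draft, from NLnet Labs or from any RPKI validator. It parses a TAL in the layout assumed from RFC 7730 and the draft (optional leading comment lines starting with `#`, one or more rsync:// or https:// URIs one per line, a blank line, then the Base64 DER subjectPublicKeyInfo), and then checks that a fetched TA certificate carries exactly that key by walking the RFC 5280 field order. The TAL contents, URIs, hostnames, `placeholder_spki` and `fake_certificate` fixtures are constructed for the example; no network fetch is performed and the "certificate" has no real signature.

```python
"""Added example: TAL parsing and the TA-key check it enables (RFC 7730 /
draft-ietf-sidrops-https-tal layout assumed; all data below is constructed)."""
import base64
import binascii
import hmac
from dataclasses import dataclass
from typing import List
from urllib.parse import urlsplit

ALLOWED_SCHEMES = ("rsync", "https")   # the draft adds https to RFC 7730's rsync


@dataclass
class TAL:
    uris: List[str]
    spki: bytes  # DER subjectPublicKeyInfo, exactly as carried in the TAL


def parse_tal(text: str) -> TAL:
    lines = text.replace("\r\n", "\n").split("\n")
    i = 0
    while i < len(lines) and lines[i].startswith("#"):   # optional comment section
        i += 1
    uris = []
    while i < len(lines) and lines[i].strip() != "":      # URI section
        uri = lines[i].strip()
        parts = urlsplit(uri)
        if parts.scheme not in ALLOWED_SCHEMES or not parts.netloc:
            raise ValueError(f"unsupported TAL URI: {uri!r}")
        uris.append(uri)
        i += 1
    if not uris:
        raise ValueError("a TAL needs one or more URIs")
    i += 1                                                # the single blank separator line
    b64 = "".join(l.strip() for l in lines[i:])           # key may be wrapped over lines
    if not b64:
        raise ValueError("TAL has no public key")
    try:
        spki = base64.b64decode(b64, validate=True)
    except binascii.Error as e:
        raise ValueError(f"bad Base64 in TAL: {e}")
    if not spki.startswith(b"\x30"):
        raise ValueError("TAL key is not a DER SEQUENCE")
    return TAL(uris, spki)


def _der_tlv(buf: bytes, off: int):
    """Return (tag, value_start, value_end) of the DER element at buf[off]."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                                     # long-form length
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    return tag, off, off + length


def cert_spki(cert_der: bytes) -> bytes:
    """Certificate -> tbsCertificate -> subjectPublicKeyInfo (RFC 5280 field order)."""
    _, start, _ = _der_tlv(cert_der, 0)                   # Certificate SEQUENCE
    _, pos, _ = _der_tlv(cert_der, start)                 # tbsCertificate SEQUENCE
    tag, _, nxt = _der_tlv(cert_der, pos)
    if tag == 0xA0:                                       # optional [0] EXPLICIT version
        pos = nxt
    for _ in range(5):                                    # serial, signature, issuer, validity, subject
        _, _, pos = _der_tlv(cert_der, pos)
    tag, _, nxt = _der_tlv(cert_der, pos)
    if tag != 0x30:
        raise ValueError("subjectPublicKeyInfo not found")
    return cert_der[pos:nxt]


def ta_cert_matches_tal(tal: TAL, cert_der: bytes) -> bool:
    """The check a MITM cannot beat by substituting another certificate: the key
    in the fetched TA certificate must be byte-identical to the key in the TAL.
    A withheld or replayed (old but genuine) certificate still passes this."""
    return hmac.compare_digest(cert_spki(cert_der), tal.spki)


# ---- constructed fixtures (not real RPKI objects) -------------------------
def der(tag: int, body: bytes) -> bytes:
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

RSA_ENC_OID = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01"       # rsaEncryption
SHA256_RSA_OID = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"    # sha256WithRSAEncryption
ALG_NULL = lambda oid: der(0x30, der(0x06, oid) + der(0x05, b""))

def placeholder_spki(seed: bytes) -> bytes:
    """SPKI-shaped container; the BIT STRING holds placeholder bytes, not an RSA key."""
    return der(0x30, ALG_NULL(RSA_ENC_OID) + der(0x03, b"\x00" + seed))

def fake_certificate(spki: bytes) -> bytes:
    """DER Certificate skeleton in RFC 5280 field order with placeholder contents."""
    tbs = (der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + ALG_NULL(SHA256_RSA_OID)
           + der(0x30, b"") + der(0x30, der(0x17, b"180101000000Z") * 2) + der(0x30, b"") + spki)
    return der(0x30, der(0x30, tbs) + ALG_NULL(SHA256_RSA_OID) + der(0x03, b"\x00placeholder"))

GENUINE_SPKI = placeholder_spki(b"genuine TA key material")
SAMPLE_TAL = ("# constructed example TAL, not a real trust anchor\n"
              "https://rpki.example.net/ta/ta.cer\n"
              "rsync://rpki.example.net/ta/ta.cer\n"
              "\n" + base64.b64encode(GENUINE_SPKI).decode() + "\n")

def demo():
    tal = parse_tal(SAMPLE_TAL)
    genuine = fake_certificate(GENUINE_SPKI)                       # what the TA publishes
    swapped = fake_certificate(placeholder_spki(b"attacker key"))  # MITM substitution
    return tal, ta_cert_matches_tal(tal, genuine), ta_cert_matches_tal(tal, swapped)

if __name__ == "__main__":
    tal, ok, bad = demo()
    print(tal.uris, "genuine:", ok, "substituted:", bad)
```

Because the Relying Party compares the certificate's key against the key already in the TAL, transport over https:// only changes who can tamper in transit, not what a successful tamperer gains: the substituted certificate is rejected, while serving a stale copy of the genuine certificate is exactly the withhold/replay case the quoted text above describes and is invisible to this check.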