IETF Logo Mail Archive

Re: [Sidrops] I-D Action: draft-ietf-sidrops-6486bis-06.txt

Ben Maddison <benm@workonline.africa> Thu, 30 September 2021 20:52 UTC

Return-Path: <benm@workonline.africa>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80ADB3A1349 for <sidrops@ietfa.amsl.com>; Thu, 30 Sep 2021 13:52:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=workonline.africa
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D_IORkqWmBg4 for <sidrops@ietfa.amsl.com>; Thu, 30 Sep 2021 13:52:34 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2087.outbound.protection.outlook.com [40.107.22.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6996A3A11E4 for <sidrops@ietf.org>; Thu, 30 Sep 2021 13:52:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LPWh6AT12P3JbtGred76mWrABqXeb2TqqZg6TRCAmUGJA/I5lomtS7HqcpcpSMWjmpg1ZqzyLRT6FgODPQX2O3lwf281LyvjF/2TJydchcBoN4kMAgp+qChGtVWbUpeeV4r+6SLLwVSPSZJDySBAP8PsBnE6MmHLg4DCsq1BNgp8gchrdizsfKMlLR/0ncwVSPhwPsnQMJJlP0iaxmHEINVEsNBKkxl9MddIElJBBBfY4zjciEazMUq4XfqnDkGJVa6tSTf4s86s80xkZVX2u2WvhrzKmu5/BZThY7QCZPmSqyVWJljhEawEWNzmWhxQUkDElnLpKNlIFaEi2vX+Sg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=PbIbWehtaypr+ykJBJUbHW0kEUoV3eL6Vo/k+TOqlxs=; b=Y3nPV3P4cIAFeprsRw/QUsGTINSfEXPAOTz2KgiFbtMefitCpyrfzBg0x5Lb3E8zSoxDRYTe7pIoTLNtma/U8tSTdgx2s58PjBuFaPH67nWUCAbBNtAA/olq3FB4vv9bcL1jFqCjsPloGaQwTQ3ydJc6eYw0dY+kn01Bvu6CDRChU148Haij1zeuJac+oPk9xCDQ0BeBMiATgVKG5Gk51ueYw/PMMXdybNXw8pVHB4+ql32Nj5zBQ9K45jkbqPMsWoML9BoRZa9vf5AzxAXBRkePlSw8OqOe4r8cbGfPWiKu/gXYNi0DVSID2eXPsIBBxrl87hTVU6jfThLqimOJ6g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=workonline.africa; dmarc=pass action=none header.from=workonline.africa; dkim=pass header.d=workonline.africa; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=workonline.africa; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PbIbWehtaypr+ykJBJUbHW0kEUoV3eL6Vo/k+TOqlxs=; b=SFD3+MczbLCAw18X9fnnCQJMrotBHKQ6CTVNCApQzG0iO3H5CD3Q8K3xq5nOKkHkE+J+ZAMHsQ5TUboWViZis26pk0req+BtgZ0dsvyqvxFtqJL755ypehn3/QNl7smVwFc5UbClZ4egtkRzwyGykfPvoD1bIzONEudK51zv9/0=
Authentication-Results: vigilsec.com; dkim=none (message not signed) header.d=none;vigilsec.com; dmarc=none action=none header.from=workonline.africa;
Received: from DB9P190MB1083.EURP190.PROD.OUTLOOK.COM (2603:10a6:10:227::9) by DB6P190MB0389.EURP190.PROD.OUTLOOK.COM (2603:10a6:6:32::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.14; Thu, 30 Sep 2021 20:52:21 +0000
Received: from DB9P190MB1083.EURP190.PROD.OUTLOOK.COM ([fe80::6c75:5210:7e56:555a]) by DB9P190MB1083.EURP190.PROD.OUTLOOK.COM ([fe80::6c75:5210:7e56:555a%7]) with mapi id 15.20.4566.016; Thu, 30 Sep 2021 20:52:21 +0000
Date: Thu, 30 Sep 2021 22:52:13 +0200
From: Ben Maddison <benm@workonline.africa>
To: Russ Housley <housley@vigilsec.com>
Cc: SIDR Operations WG <sidrops@ietf.org>, Tim Bruijnzeels <tim@nlnetlabs.nl>, Steve Kent <stephen.kent@verizon.net>
Message-ID: <20210930205213.kzwpn3e4ft3q33a6@benm-laptop>
References: <162730591845.29690.12178353991713962835@ietfa.amsl.com> <2457bdd2-de07-241f-b8e4-87206dabcf16@verizon.net> <28F0ACCE-4D0C-4D80-B4C5-4E8B9D05760F@nlnetlabs.nl> <51acd845-d937-34a1-359b-7379b45e3fe3@verizon.net> <49e73d37-6d26-7715-da60-c2411020d595@verizon.net> <20210930171302.m7b5utqceotecooc@benm-laptop> <B2E57F08-CA61-4713-BFAE-6D36B20EA1D2@vigilsec.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="mhpxupqgxcisxp6q"
Content-Disposition: inline
In-Reply-To: <B2E57F08-CA61-4713-BFAE-6D36B20EA1D2@vigilsec.com>
X-ClientProxiedBy: CT2P275CA0036.ZAFP275.PROD.OUTLOOK.COM (2603:1086:100:a::24) To DB9P190MB1083.EURP190.PROD.OUTLOOK.COM (2603:10a6:10:227::9)
MIME-Version: 1.0
Received: from localhost (160.119.236.41) by CT2P275CA0036.ZAFP275.PROD.OUTLOOK.COM (2603:1086:100:a::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.14 via Frontend Transport; Thu, 30 Sep 2021 20:52:20 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 9cddf6dd-af2d-4372-6bf3-08d984543266
X-MS-TrafficTypeDiagnostic: DB6P190MB0389:
X-Microsoft-Antispam-PRVS: <DB6P190MB038953B4792291D7A198751CC0AA9@DB6P190MB0389.EURP190.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: A95sGlKBLZl7WAdxSbZf7XAiuR7p5e7KWUWTJ1UdYcMcmHiexzt0CFeoSRJbpmSGwz8Zxi9XA2WDUjfl+J9z4IjttE3mC6seVen9VueXRuw+enTO7qFqqBReiL5zvRhFAcEISzPB3tKgU9tDk4wNusR8cC8/ELeKluTGojfwR5FKghtZnfcMTNur1xIxO8+9PWcuQbtzbjS21E6PkWTi0iMkHWiXnOstQrSP/KB6cPWmQCku6AzVri6Ujl96O+jD7AzH92WNPsVZPbqRskxKFbMTKvwz3jJxmBmmAWQJQZe3t2xl5aADAcaR36gg7mgV96bur2Y4SXYr82qptGnTUVpN6txhOJVfdYWQGEEpcWVdfLW/XjSzWGjRGW3a9A1Q7ouePb8dIyJhUmOAKtOY3j0vIT80//TRL8SU8JwIXW0kUkmTu/IkeYGaGV9x/vlRrLjB3u0ui4ghSuBDNXdKPKcK/BFlpQf69QvOxrydRFvA0iYJ7lVXDX/TKmpyZgUf1HgkeLKU0z5sbtWjtHQxlREAejeGgnjrZP3b4om5Wyuiu19GZdWXJv0B0ezSbdHDk38UumnwguII1SZhawxBxXMIILLCy+bUlCxNZm8PguXLrCe+BcYtArWY5+sOfAEfcetUSR0rlqGRUiIT4hcYjpuxfkW2wa59VJigJdCcG2rTCU0U/dwalJy8rTPSSHlYs1c+daFZhP6TNjpWB8VpHEiAKJXnyXNnX979nKofzyhwgNr7AC56VI55OXWr+BeW
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P190MB1083.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(7916004)(366004)(396003)(136003)(39840400004)(376002)(346002)(21480400003)(508600001)(956004)(1076003)(44144004)(86362001)(52116002)(33716001)(6496006)(6916009)(19627235002)(9686003)(186003)(26005)(5660300002)(6486002)(54906003)(4326008)(66556008)(66476007)(316002)(38100700002)(38350700002)(8936002)(8676002)(2906002)(66946007)(83380400001)(6666004)(46492013)(2700100001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: ONDQLxwNQQXBSvMWv/R4+nAjskm1pKIyAwMct29b0QpBM/5WF6znNiGBp5gL1BgGAOCxr5tKeiuw2UUg6sl1CZwHFK7JNPAdFBH17UirXXJJhW8ekkkCFf4qTYqSEXP8Sinzrb0qzxH2IlvC1tzShYPXbi8XJT3/4PTdVFMavQwYBkZFbwETPYYjvxa/iI/QOqWyHCrm747ZsCHfN1B2xwUO38u7ZqdNS1A4bXBoUkMWIdx4dqYCFSGTF89uwJbmKXLLEOD9PgcQxWRFEFdwvASbbVKeB5r0u/zuctoGe6eZqEGlQrYVx5jd9UDotYyTmAvX82waB3suFNtdxnKCcCgH3Bu6B7A8sLrzpWrreqdUEKdRRH1NOSgDYAVkMTs3mHU3slJ6r+lBMyyFb1Wd6epfoFhKXizvONcSApZUxn68usW4douf/v1ThystKR3hqh0ErYPU/oH7ei+Dx3+KIApQN1OUrvLdPy/QGXCbBQb8UILb9Sc3Ni+f+f8ZBiGkEwh6GjVZUDd8+PVCk8hVUNeVpH6GK93Z+I6l4lRSab/OBI0q5VHb7uSnFC/lYRIKYdDNXaEF+8oKkgbu0yVEDfx0qi5pWkbRoEC2QZxepwGluX48osTiK+bO+hQw9oRgd02ffIO//Xmv/e+YD7P3wXauKPdl0NwYknCxkSPeTHiD/WJMr1DFClL3IbXPcv7HmRPzn1PiMA+qC08H/KdJTkHA5wkm1Tvs90FihXnNQKQwHC3eZ2OE23HMQqKouppewAnABKM18l3mcKccKi8feGiGoVIT3QA3M6zAx76dRDNA2M2/UDE2GQ2CMHePwxpXoaEuAc2MAl0JFgjUAsxCtEPbAIPNBEAa/PPBgKTz7X/DLNXT80VFXBa8dItTlLI1JQxVpkYjjlGMsx763fmpAyjrTSB020f6U9JnMxS+LW/+v5C6SGEilkYXXNZtoq6Umnvl+uahxxhKdA+AvtHu01N3tqAOfPSQP+f9Q5TSPsYz3PYDAF6Q1wlnqg/dxd0LyHl2ur2D0tMMCwj02Aku5SzYyq7knbjqxCO2OgFoG9qSA/1gCVNYA27LZAhazTjTx3Zm5mh/DQG0vbRn8tXRquCzNb/s3/uloKA9OIUG3ONI78nSmA8i34M4nMzUM87V2HQ1A74K2FXb63ndRxSF45SeXg//h2r9bz7oi9AF83LT/IHbVLuBhAwOFjZkAOlz6rY4/90NfjTCQ+10nHZsJn6PATKY0mdrzcvyDdiFxXB8iE2M5yv2FQ8qsHKX4KWLAweeJZXlGmyjP/jaS5yNOg0Cs+aOiEr+8GZBaduPB0Ci6GODd/uVSeQ9khL0VT5z
X-OriginatorOrg: workonline.africa
X-MS-Exchange-CrossTenant-Network-Message-Id: 9cddf6dd-af2d-4372-6bf3-08d984543266
X-MS-Exchange-CrossTenant-AuthSource: DB9P190MB1083.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Sep 2021 20:52:20.8682 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: b4e811d5-95e8-453a-b640-0fba8d3b9ef7
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: nk2D2CS5PlsRP8HBqjxVvib2ZOgMo8D/3a9y436HDO6ipLLf5Zu7tmDGnAPXVZN2eOBmMqai/y12tTZf9PsIfQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6P190MB0389
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/rrMDd8kH1JXixf9Uut9XJnoewp0>
Subject: Re: [Sidrops] I-D Action: draft-ietf-sidrops-6486bis-06.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Sep 2021 20:52:50 -0000

Hi Russ,

On 09/30, Russ Housley wrote:
> 
> 
> > appendix A:
> >    The ASN.1 module should define an instance of the CONTENT-TYPE
> >    class:
> > 
> >    ```
> >    IMPORTS
> >      CONTENT-TYPE FROM CryptographicMessageSyntax-2010 -- in [RFC6268]
> >        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
> >          pkcs-9(9) smime(16) modules(0) id-mod-cms-2009(58) }
> > 
> >    ct-rpkiManifest CONTENT-TYPE ::=
> >        { TYPE Manifest IDENTIFIED BY id-ct-rpkiManifest }
> >    ```
> 
> I agree, it would be good to include an updates ASN.1 module.  To do so, we need to ask IANA to assign a module identifier.
> 
> The improved module is here:
> 
> ...
>
>    CONTENT-TYPE
>       FROM CryptographicMessageSyntax-2009 -- in [RFC5911]
>       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
>         pkcs-9(9) smime(16) modules(0) id-mod-cms-2004-02(41) } ;
> 
Why CMS-2009 rather than CMS-2010?

Cheers,

Ben

v2.23.0 | Report a Bug | By Email