Re: [Sidrops] 6486bis: referenced object validation

Benno Overeinder <> Fri, 04 December 2020 13:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C34BC3A0CDB for <>; Fri, 4 Dec 2020 05:13:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id D9RHZ6pLpb0Q for <>; Fri, 4 Dec 2020 05:13:46 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 83BF23A07DB for <>; Fri, 4 Dec 2020 05:13:46 -0800 (PST)
Received: from (unknown []) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 49CD2602D8; Fri, 4 Dec 2020 13:13:44 +0000 (UTC)
Received: from ( []) by
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=soverin; t=1607087623; bh=Ho91Wx4jst+MDdq+O2o3k/jadwFI9iUN7MZDOiHjeP8=; h=To:Cc:References:From:Subject:Date:In-Reply-To:From; b=C7Tex+HKf+KvdbrlTVPhGN2orrk863oBKpGIPbDDgsQNCzvQaE3431I7riJg1XeOa WHzSdu5h8XLA/ezL5kW89w9/sxVxD1mU9IUkpuJ6LRI33FrZMDBB953AtquoT9RTAu WnjtTDLUMgE0fSg3tv8zZPHc5HRmJpnFgdPwKPBbzeebsxUGHWjYx65s11SSMTWxgz WlqnrX0zid3LoCacuk9umx+i187dJeRpzl/Rfby50TKcZIceEv3fb3lN9c5TCWEeAp ntsZDJhmV2DSm/i5+6U+JjEf1COh3TQplOdzdZcGbY8i/C0c8JVxYSPOVqwOhMvAdG AbpdGgO+/A81w==
To: Job Snijders <>, Tim Bruijnzeels <>
Cc: SIDR Operations WG <>, Martin Hoffmann <>, Ben Maddison <>
References: <20201203224213.gnb2nawujxm7a32q@benm-laptop> <> <> <> <>
From: Benno Overeinder <>
Message-ID: <>
Date: Fri, 04 Dec 2020 14:13:40 +0100
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <>
Subject: Re: [Sidrops] 6486bis: referenced object validation
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 04 Dec 2020 13:13:54 -0000

Hi Job, WG,

On 04/12/2020 13:13, Job Snijders wrote:
> On Fri, Dec 04, 2020 at 11:44:17AM +0100, Tim Bruijnzeels wrote:
>>> Indeed, I believe you've now captured the essence of why manifests
>>> exists at all. This is what rpki-client & FORT seem to have implemented.
>> I suggested this in August:
>> I think a lot of this could have been avoided if we had this
>> discussion then, but I welcome this now..
> Looking back I'm at a loss how "a lot of this" really could've been
> avoided. What additional steps or process should I have followed for
> NLNetLabs/RIPE/Cloudflare to sooner understand the problem with their
> implementation choices and encourage those organisations to provide a
> solution to their users?
> As you know, I reported 'this' as a problem in February 2020 to sidrops@

</snip> timeline for brevity.

Your timeline is correct, as far as I have followed the discussions. 
The remark from Tim is meant to be constructive, not defensive.  Not 
looking back, but looking ahead, I want to focus on how we solve issues 
and discuss them in sidrops.  And indeed, if there is an impasse, 
organise a virtual meeting and discuss the matter to make progress.

> The real goal is to keep the network running, where in this context our
> role is to create software for network operators for them to securely
> validate the wishes of the Internet number resource holders.

Agree to that!

Let's keep the good spirit of collaboration and learning together.

Best regards,

-- Benno

Benno J. Overeinder
NLnet Labs