Re: [Sidrops] [WG ADOPTION] Adoption call: draft-timbru-sidrops-publication-server-bcp - ENDS 02/08/2024
Job Snijders <job@fastly.com> Tue, 06 February 2024 17:38 UTC
Return-Path: <job@fastly.com>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D6DBC151983 for <sidrops@ietfa.amsl.com>; Tue, 6 Feb 2024 09:38:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fastly.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vwvw4MCNv2pd for <sidrops@ietfa.amsl.com>; Tue, 6 Feb 2024 09:38:34 -0800 (PST)
Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86F76C151081 for <sidrops@ietf.org>; Tue, 6 Feb 2024 09:38:34 -0800 (PST)
Received: by mail-ed1-x535.google.com with SMTP id 4fb4d7f45d1cf-56061ad3d3dso1704033a12.1 for <sidrops@ietf.org>; Tue, 06 Feb 2024 09:38:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastly.com; s=google; t=1707241113; x=1707845913; darn=ietf.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=igdxl6TPKMpjAjywkCiMczWD7OTd7kHCoFLLJb8JdaU=; b=sJzv3+pyE4r5Pfv0z6TJ2b+8slm7dBlAZ46HPy5WI3hiqB5kw2rMKiVX7xOgZKs7nS pau4ALNEy5jP0ehPe/k4nRd7pNdGVtmnK/vitVcJRGpxiyT+y//pnGb0OniIKmHo8F4X v1wllfBrNh5FeGI5iNPLtFB92Mipn7BGiaYkg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707241113; x=1707845913; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=igdxl6TPKMpjAjywkCiMczWD7OTd7kHCoFLLJb8JdaU=; b=WzxBvsUYtqFlDcpSVhIcgRFXEh64yh7NDfD2/lcqYJ4rO957IXI2G3TpAw4tu+4MEl KIk6u1pxiYggYTK+nIj854AMFe+L+NKxBeGmJWTD7jiAAJsmg5Q85FGHsuW/OKT79tDy OpV4eiRFPd5dGp5JYt/shAh0xtozit9bqI5dkDPTZh8A8xRXEjjoHo8kxD1aoYpajxWh s5lo5g1UTy7rMuU+Y0LBCkbBlJdOBbVKBhAeDnJPF2PD+nLJJjHWSwAjgQc9CTyHqLfE UrB6ZUKQz6AswnfwqfT8KlXLoMoUoZy+oppq6vjE/1ARplEGdXEsRWKBuEIR2Fm4PgXm uttw==
X-Gm-Message-State: AOJu0YwaK3iUdmgio4Zsz4P1I/y/eP5VKZS1tcXuG9lGcWdBhOKmsFz9 xJdeJm0rcCzXHeV3PZ2D6GCCUfcPFekJAPv2h+6owPi5uqsc6QKzgKQInwpS0qg=
X-Google-Smtp-Source: AGHT+IEktgtlrKZ6fpTw8Fw4uUguhv9O+V3SxlknBXsEFxNjceQj7PWQDDr/64X9Kuue7tvvGrWOeQ==
X-Received: by 2002:aa7:cf90:0:b0:55f:3463:2109 with SMTP id z16-20020aa7cf90000000b0055f34632109mr3475953edx.10.1707241112933; Tue, 06 Feb 2024 09:38:32 -0800 (PST)
X-Forwarded-Encrypted: i=0; AJvYcCUvv2xARPhOiM183cqFV/VH4SIZM2xZj9cQ6LBjx2G96a77Tv1rtI5yIMfJBb5MYt7wq7eVS5CovZWmTouvg1jeBAb2P+SxGI4sCP1EUxVIf+ut8M9uUj4GkdTck65lqzPxmxv4uIk=
Received: from snel ([2a10:3781:276:3:16f6:d8ff:fe47:2eb7]) by smtp.gmail.com with ESMTPSA id ba14-20020a0564021ace00b005605716e755sm1231075edb.52.2024.02.06.09.38.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 06 Feb 2024 09:38:32 -0800 (PST)
Date: Tue, 06 Feb 2024 18:38:30 +0100
From: Job Snijders <job@fastly.com>
To: Tim Bruijnzeels <tbruijnzeels@ripe.net>
Cc: Ties de Kock <tdekock@ripe.net>, Russ Housley <housley@vigilsec.com>, IETF SIDRops <sidrops@ietf.org>
Message-ID: <ZcJulgLqKapjnvYn@snel>
References: <87h6j1kug1.wl-morrowc@ops-netman.net> <B60D7B39-FA81-45AF-BCBD-2784F91B43C3@vigilsec.com> <ZcFNNfrkMFxKf5hN@snel> <BBE2320C-4525-4713-B4AF-3F00ECD4228A@ripe.net> <ZcIuI7lS1OtOW_xT@snel> <EFFA95AA-F07D-490B-BEC3-0446ED2D3AA2@ripe.net> <ZcJmeFCmU9Txsk7M@snel>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <ZcJmeFCmU9Txsk7M@snel>
X-Clacks-Overhead: GNU Terry Pratchett
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/ulvAvJMjmgHfvN23BcmFTEh5ZB4>
Subject: Re: [Sidrops] [WG ADOPTION] Adoption call: draft-timbru-sidrops-publication-server-bcp - ENDS 02/08/2024
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Feb 2024 17:38:38 -0000
Dear all, On the topic of the publication best practises, it might be good to strongly recommend that RRDP notification file, delta files, and snapshot file all be hosted on the same FQDN. But, AFAIK, the RRDP specification doesn't actually require this. This 'same origin' check was added back in 2021 to rpki-client to guard against notification files pointing to giant files on open source mirrors or towards other people's (large) RRDP snapshots. Since 2021, the global RPKI publication ecosystem appears to naturally comply with this informal expectation, as in, the check doesn't appear to cause friction. Thoughts? Kind regards, Job
- [Sidrops] [WG ADOPTION] Adoption call: draft-timb… Chris Morrow
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Tim Bruijnzeels
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Russ Housley
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Di Ma
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Job Snijders
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Ties de Kock
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Hollyman, Michael
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Job Snijders
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Job Snijders
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Tim Bruijnzeels
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Job Snijders
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Tim Bruijnzeels
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Job Snijders
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Lukas Tribus
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Ties de Kock
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Job Snijders
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Ties de Kock
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Claudio Jeker
- Re: [Sidrops] [WG ADOPTION] Adoption call: draft-… Tim Bruijnzeels
- [Sidrops] Re: [WG ADOPTION] Adoption call: draft-… Job Snijders
- [Sidrops] Re: [WG ADOPTION] Adoption call: draft-… Tim Bruijnzeels
- [Sidrops] Re: [WG ADOPTION] Adoption call: draft-… Christopher Morrow