[Sidrops] Re: Deb Cooley's No Objection on draft-ietf-sidrops-rpki-ccr-08: (with COMMENT)
Deb Cooley <debcooley1@gmail.com> Mon, 22 June 2026 21:54 UTC
Return-Path: <debcooley1@gmail.com>
X-Original-To: sidrops@mail2.ietf.org
Delivered-To: sidrops@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id A083B105623F2 for <sidrops@mail2.ietf.org>; Mon, 22 Jun 2026 14:54:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1782165272; bh=MQlbH/01tFlKXyyar5Ib+AdCnvzDoAjRoubeN9MyLP4=; h=References:In-Reply-To:From:Date:Subject:To:Cc; b=PmDEYlz0IMLmQsDQDRv2qgEL+huCI0MP7wL9SuKF5QopNYfMOSzJlfG4Fy03hGYED MvcB2eq2Xr3jPxHhRcG9vg/H1OBTBTZMCXboxRYjkiCJnERMtOckAIZ8Z8eSt8i20W JrYA04OunmQwMNzx3QnOsDCZcw+HWUr3iO2EITTk=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zcX1OoePgoIe for <sidrops@mail2.ietf.org>; Mon, 22 Jun 2026 14:54:30 -0700 (PDT)
Received: from mail-dy1-x132b.google.com (mail-dy1-x132b.google.com [IPv6:2607:f8b0:4864:20::132b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id C68BB105623D2 for <sidrops@ietf.org>; Mon, 22 Jun 2026 14:54:30 -0700 (PDT)
Received: by mail-dy1-x132b.google.com with SMTP id 5a478bee46e88-30bc871ecdfso5842795eec.1 for <sidrops@ietf.org>; Mon, 22 Jun 2026 14:54:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1782165270; cv=none; d=google.com; s=arc-20240605; b=GIrY95pQt77muJvuNF/8vVB9nTpqy3SqYMSHE/g5k/GM+kuCjWqMGIQI2GMss8GFll aAo6BGGVZeQeCqWry/pAgej+bL/jo5hRlQbQWSPcvcrb0LDidigBK20h3hqifzE3cJfV /wf08DrjUHLTuDtEDmFjNdeTFWH/L7KbmkHpKj1zNlrDjfe4ZtI7N6iO9b8FnxckBayU 0XuMtEm1O5PhxOVrAuKHJp22zLDFInspWEI3cRv248TADtc9USUP6vyftr6doAHq/a2X MP1uFV6ZwPVux7TSTtcthoUvG9ez79GOqL1pXIA/6aCr1t0VKJZZnUFq8i+3KzGqV51T ySeQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=zbHmalelxSnmMnHBM8wEEGe8nJiy/3hSR/5Fl1WwDyM=; fh=+D/N7TgfFAriqRniRKRK7DhggIytujof4MgBXECDtn8=; b=O6e8gbhFzfy+jp/chUSJyZ38eIoXfEzw2amAGpF++VGJSrGjXX8HMCTKPbsQGwcfVy r+LxLnsIlCLnjnktLmMpLhKpToWFEHUN54ikP0NFNt1l83gvwyBtXEGyOBthKpdQDkOw Xi+BqeCBDMn3bVpI9XbpduiaoZ5/Vm2dua0UgtpCiRU19Q9Ff3tW3CRAI6Q95BdLCn3i 4VL02kcN6PSnkCmEaS8v/JlM4tb4jIxC69lPfEZD2gz8eCGFOnk0LUxgOtUUEve22fl5 OqKHPSWR693tsFoc9EKQgSxDIJI6VjNbYT2ke4I7ti35pxdnrM4v+8yB8dPDLDtEBHYu e9OA==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1782165270; x=1782770070; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=zbHmalelxSnmMnHBM8wEEGe8nJiy/3hSR/5Fl1WwDyM=; b=J5sbv80/aS8joXZtMBfzHH3l2OXYdF+2EGNNGMpya5EnydYyrmXeNDpYMKj4Ilad78 ptNxZTbXT3FNkoD1FKO/7YcQnOGCHVwWNODCwWbzfe50fJekQQuvmYqhNU9hzQd6aF0x jX8etBHU+6QXa3QqwtUfR9gbUYxNUGYP88I7wleKkOhGynlFyona6J3UJXTvjUINLdpX s5RyqV5yBrX0ToB9dEmH4S7FOfwGiYsP5MCpgml8qmnAcMptE+2kBaOJjbMKXTYyc6hC 93pMURHGTW3JNqPIi45XuFpgaH8YccOMxp0Nc6Iv3VaMKvfUO+CZzDDvgW/NM+2f1tGI 7zRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1782165270; x=1782770070; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=zbHmalelxSnmMnHBM8wEEGe8nJiy/3hSR/5Fl1WwDyM=; b=kpneq3KkoT7YJKc009uiSVRESzyCpQ2+DQ34Lzcr3qc8V4UU9d8weu83yL8GZ4lDHt iynuEGC76BHNjqlKCDiQ7hvsm2nxy/WwhV/uvbGsQV4FPAjd/2C3c6jpD/fWYrrzqC/t N0SsuQ2Su3A4FPrceMl4w/2oV5M47nJCBV4WsdSpVaPLa9TGgWuHmYoU4RoD+6NQLy+N TPVfrncyZVPGx1++rT/SAsoXzrfnkCg4B1xywI/LZz7WpggjgLQ30TVNM23zOJiYfjSv lBpRc2YrON4xKYNaLq2uhtZn1IOzfrAY97sYwT2pn9WLWR7HL6YNtIAr9gi+BYpmDDGB nBFw==
X-Forwarded-Encrypted: i=1; AHgh+RqNcgMUZ4qAduAHGpmmy/GmEymBkIQLJIEAMxziO3AmgModlZaeRxVO1HxmUd6E0Uy2mScwXXgF@ietf.org
X-Gm-Message-State: AOJu0Ywx6enQQb4oAGPLp2McjHXNcSedRNtYpapc8DizhixW4bKVOMBx AH32DfNJDPFdt3b1j67jXxuGY7w3m8hYdGZ8OLfFjfo3Aq1mRd/UbQnDM7UqiJDwZe2Mjt7XtrV yYylHSI7958hkR/xRJAEtvEB85NxUUA==
X-Gm-Gg: AfdE7cmzt0JR775wTcUgf4ewqntpYoA8FjrTgVwixIcNPqQT/sPnfw2WcbMdtD/Ph0k TdbMv4r4YhUCCL+cmUfBkZAzSVl/ZRl8hpXfZBkGkLKOJ8Sh1Yxgu/nhRQpQkvpPpM+HCTrpgAn lGPrICoUOk6O4x2k9hwj0jri+L7PqSFXag1I4M+kXhFBswDXBEGr2WFiDXuQJY9p0U/ZHngbZg2 u4DqFhocderaQkNW1PGtWgUfFn8NG0tKpGeKcFnpuQUY4QrrcME4AmKZ0hPtUjRdikjbw1GntIs Qf1fKpYTQ+PY4vtg+uJp86MA1LIR92F0uUwLPDonLRPNKXLdzAyg2KNToQB+7DAGECp5nOBt37g ooMWmDfAQFbdNHbU=
X-Received: by 2002:a05:7300:a584:b0:2da:2ec2:64fe with SMTP id 5a478bee46e88-30c07035e02mr10144352eec.24.1782165269648; Mon, 22 Jun 2026 14:54:29 -0700 (PDT)
MIME-Version: 1.0
References: <178215466078.1222153.17712275187408238068@dt-datatracker-f9b87776f-xzl65> <ajmYMXaqOHcCrw_8@feather.sobornost.net>
In-Reply-To: <ajmYMXaqOHcCrw_8@feather.sobornost.net>
From: Deb Cooley <debcooley1@gmail.com>
Date: Mon, 22 Jun 2026 17:54:17 -0400
X-Gm-Features: AVVi8Ce1V1sDUondZr84OO34C1bPSn3FTW-t8-71Wd-0I52z82ypsp9Fs-FGylc
Message-ID: <CAGgd1Oc=oMPn3ktmwV5MS3ytaiZygBxx5VVyxSuv+VDfkuxwMA@mail.gmail.com>
To: Job Snijders <job@bsd.nl>
Content-Type: multipart/alternative; boundary="000000000000d419e90654deaf66"
Message-ID-Hash: DBOAVQE7Z7ERGDLTFBDOLVNTKXKPILPC
X-Message-ID-Hash: DBOAVQE7Z7ERGDLTFBDOLVNTKXKPILPC
X-MailFrom: debcooley1@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-sidrops.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, draft-ietf-sidrops-rpki-ccr@ietf.org, housley@vigilsec.com, sidrops-chairs@ietf.org, sidrops@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Sidrops] Re: Deb Cooley's No Objection on draft-ietf-sidrops-rpki-ccr-08: (with COMMENT)
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/v2IcmS3_p_dvVkPw8ljpcXK9iYg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Owner: <mailto:sidrops-owner@ietf.org>
List-Post: <mailto:sidrops@ietf.org>
List-Subscribe: <mailto:sidrops-join@ietf.org>
List-Unsubscribe: <mailto:sidrops-leave@ietf.org>
Thanks for the speedy reply!! inline with [DC] On Mon, Jun 22, 2026 at 4:16 PM Job Snijders <job@bsd.nl> wrote: > Dear Deb, > > Thank you for taking the time to review this document. > > On Mon, Jun 22, 2026 at 11:57:40AM -0700, Deb Cooley via Datatracker wrote: > > Deb Cooley has entered the following ballot position for > > draft-ietf-sidrops-rpki-ccr-08: No Objection > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-sidrops-rpki-ccr/ > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > I would appreciate consideration, most of these can be resolved pretty > easily. > > > > Thanks to Joe Salowey for their secdir review. I agree with Joe's > assessment: > > > > - The continued use of SHA-1 (Section 3.4.1.1 Subordinates and Section > 3.4.4): > > At some point, a migration will have to happen, because at some point > > implementations won't have SHA-1 implemented. If it doesn't make sense > to fix > > this issue in this draft, I recommend that the risks be mentioned in > Section 6. > > I'm sorry to say but both your and Joe's review appear to fail to > appreciate the context within which SHA-1 is used here. What risk > _exactly_ should be mentioned in section 6? It seems too simplistic to > blindly raise an issue on any and all use of SHA-1. > [DC] perhaps I used the wrong word 'risk'. The real issue is that SHA-1 will not be implemented in the future. I guess the risk here is that SKI and AKI can't actually be validated at all in that case. Again, I agree that this draft might not be the place, but the working group, and indeed the community should consider the future if/when SHA-1 is deprecated enough that it stops being implemented. > > What risk is there in the use of SHA-1 in the RPKI certificate profile? > SHA-1 is not used for cryptographic purposes in the RPKI. > [DC] it isn't crystal clear, except to those that know how X.509 certificates work to know that the SKI and AKI are in fact, hashed and signed as part of the certificate signature. > > I believe that the robustness of the RPKI depends *entirely* on the > robustness of RSA-2048 and SHA-256. If you have reason to believe > otherwise please explain. > [DC] this is true, but RSA-2048 won't stand forever. Again, not an issue for this draft. > > I'll attempt to contextualize the use of SHA-1, my apologies if I'm > being too verbose. > > The 'ManifestInstance' structure contains a 'hash' field, this field > contains a SHA-256. The state of the art cannot collide SHA-256, right? > > Then the next field in the 'ManifestInstance' structure is 'size', I > think we'll agree that multiple different digital objects could have the > same file size, and that this is not an issue because the aforementioned > SHA-256 uniquely identifies the underlaying object? However, it is > convenient for CCR consumers to know the object size associated with the > SHA-256. > > Now, the _exact_ same thing applies to the 'aki' field (which contains > a SHA-1). That SHA-1 string appears verbatim in the object referenced > by the SHA-256 in the 'hash' field. Just like with 'size' field, > any 'collisions' are not an issue. > > Finally, the ManifestState contains a SHA-256 computed over all the > instances of ManifestInstance. This makes CCR a simple hash tree. > [DC] while hash collisions when SHA-256 is used are not feasible, the attacker can replace the parts they want, and rehash the whole structure. Hashes don't protect 'integrity' (see below), they do function as a way to detect non malicious file corruption. > > (As an aside: key identifier 'collisions' can in fact happen trivially, > simply by virtue of multiple RPKI certification authorities using > the same key pair. Of course, using the same key pair for different > certificates is not the best practise, but there is no technological way > to stop anyone from inappropriately using the same RSA-2048 private key > for multiple different RPKI CAs.) > [DC] indeed, and I might raise an issue for this too (and I did do this prior to retiring in my day job). > > > - Privacy/sensitive information: The ramifications of the information > > not being public should be explained in Section 6 where it is > > mentioned in the last para. > > I have trouble following the above paragraph. > [DC] The current language is 'RPKI information is normally public'. What happens if it isn't public? Or is it 'always public'? Recognizing that the language isn't 'normative', but sort of reads that way. Is there a recommendation if the information isn't public? Don't include it in the CCR? > > > Section 5.1: Verifying a hash value that isn't signed isn't actually > > an integrity check, except in the case of unintentional integrity > > issues. Certainly an attacker can modify both the original data and > > the hash. Please clarify what type of integrity is required/intended. > > Many file formats use a CRC, or stronger hash (such as SHA-256) to help > detect truncation or other forms of file corruption. The draft notes > that the provenance of a CCR file is out of scope. > > I believe 'integrity' is the right word, here, but it reads like you > interpret the use of the word 'integrity' as 'authenticity', is that > correct? > [DC] I do think it would be helpful to say that the concern is non-malicious corruption. To me, integrity spans the whole space from simple bit flips to impersonation. If it isn't specified, I usually assume that it is intended to protect against a malicious attacker. > > > Section 6, last para: I'm not sure how the fact that CCRs are not > > signed is related to whether the RPKI information is public (or not). > > Perhaps two paragraphs are needed? Move the middle sentence out into > > its own paragraph (since it has nothing to do with signatures or > > authenticity. > > Thank you for the suggestion, I think that indeed helps with the > readability. I've updated the edit buffer as follows: > > https://github.com/job/draft-sidrops-rpki-ccr/commit/66349a3eb73f5a87af20709aedc2d4fe3a5466de [DC] that's better, thanks. > > > Kind regards, > > Job >
- [Sidrops] Deb Cooley's No Objection on draft-ietf… Deb Cooley via Datatracker
- [Sidrops] Re: Deb Cooley's No Objection on draft-… Theo Buehler
- [Sidrops] Re: Deb Cooley's No Objection on draft-… S Moonesamy
- [Sidrops] Re: Deb Cooley's No Objection on draft-… Job Snijders
- [Sidrops] Re: Deb Cooley's No Objection on draft-… S Moonesamy
- [Sidrops] Re: Deb Cooley's No Objection on draft-… Job Snijders
- [Sidrops] Re: Deb Cooley's No Objection on draft-… Job Snijders
- [Sidrops] Re: Deb Cooley's No Objection on draft-… Deb Cooley
- [Sidrops] Re: Deb Cooley's No Objection on draft-… S Moonesamy
- [Sidrops] Re: Deb Cooley's No Objection on draft-… Job Snijders
- [Sidrops] Re: Deb Cooley's No Objection on draft-… Deb Cooley