From Sandra.Murphy@sparta.com Mon Jul 1 12:40:21 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD6D811E825A for ; Mon, 1 Jul 2013 12:40:21 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0VXewKUWMdsU for ; Mon, 1 Jul 2013 12:40:16 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id 8F6AB21F883D for ; Mon, 1 Jul 2013 12:40:16 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r61JeFbx010887 for ; Mon, 1 Jul 2013 12:40:15 -0700 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r61JeEbP021706 for ; Mon, 1 Jul 2013 12:40:15 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Mon, 1 Jul 2013 15:41:09 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: important dates for IETF 87 Berlin Germany Thread-Index: Ac52ktle1GMfojuwRMKXd8znPepLiA== Date: Mon, 1 Jul 2013 19:41:08 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F674975D2B@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] important dates for IETF 87 Berlin Germany X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Jul 2013 19:40:22 -0000 The first of these dates is one week away - submission of internet-draft in= itial versions (-00 version).=0A= =0A= If you have thoughts of submitting a -00 *working group* draft (i.e., draft= -ietf-sidr-xxxx-00.txt), you should be in touch with the co-chairs (all of = them) as soon as possible for approval. =0A= =0A= 2013-07-08 (Monday): Internet Draft Cut-off for initial document (-00) subm= ission by UTC 24:00.=0A= 2013-07-15 (Monday): Internet Draft final submission cut-off by UTC 24:00.= =0A= 2013-07-17 (Wednesday): Draft Working Group agendas due by UTC 24:00.=0A= 2013-07-19 (Friday): Early Bird registration and payment cut-off at UTC 24:= 00.=0A= 2013-07-22 (Monday): Revised Working Group agendas due by UTC 24:00, upload= using IETF Meeting Materials Management Tool.=0A= =0A= --Sandy, speaking as wg co-chair=0A= From Sandra.Murphy@sparta.com Mon Jul 1 12:43:14 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F118411E825C for ; Mon, 1 Jul 2013 12:43:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8RrhNOAz1fuS for ; Mon, 1 Jul 2013 12:43:09 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id D44B711E826D for ; Mon, 1 Jul 2013 12:43:04 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r61JgxOA029320 for ; Mon, 1 Jul 2013 14:42:59 -0500 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r61JgxXo012225 for ; Mon, 1 Jul 2013 14:42:59 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Mon, 1 Jul 2013 15:43:54 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: agenda requests for IETF 87 Thread-Index: AQHOdpNRwB/LswCPWEiD+0y/ZWWA6w== Date: Mon, 1 Jul 2013 19:43:53 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F674975D3D@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] agenda requests for IETF 87 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Jul 2013 19:43:14 -0000 If you want to speak at IETF 87, please send a request to the list and the = co-chairs.=0A= =0A= The draft agenda is due soon:=0A= =0A= 2013-07-17 (Wednesday): Draft Working Group agendas due=0A= =0A= --Sandy, speaking as wg co-chair= From Sandra.Murphy@sparta.com Mon Jul 1 12:49:31 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 460F011E811B for ; Mon, 1 Jul 2013 12:49:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CwJ2Qev5l6UA for ; Mon, 1 Jul 2013 12:49:27 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id A458F21F90EF for ; Mon, 1 Jul 2013 12:48:59 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r61JmxWt010949 for ; Mon, 1 Jul 2013 12:48:59 -0700 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r61JmwIQ021997 for ; Mon, 1 Jul 2013 12:48:58 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Mon, 1 Jul 2013 15:49:53 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: IETF 87 sidr meeting slots in draft agenda Thread-Index: Ac52lAblbSIeJ1TySNuXSYA86RE7WQ== Date: Mon, 1 Jul 2013 19:49:52 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F674975D50@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] IETF 87 sidr meeting slots in draft agenda X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Jul 2013 19:49:31 -0000 The draft agenda is available at https://datatracker.ietf.org/meeting/87/ag= enda.html.=0A= =0A= sidr has three meeting slots:=0A= =0A= 1510-1610 CEST Wednesday Afternoon Session II=0A= =0A= 1120-1220 CEST Friday Afternoon Session I=0A= =0A= 1230-1330 CEST Friday Afternoon Session II=0A= =0A= --Sandy, speaking as wg co-chair=0A= From waehlisch@ieee.org Tue Jul 2 02:19:42 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B07C011E844F for ; Tue, 2 Jul 2013 02:19:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.249 X-Spam-Level: X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N-DLgD3iZJ3a for ; Tue, 2 Jul 2013 02:19:38 -0700 (PDT) Received: from mail1.rz.htw-berlin.de (mail1.rz.htw-berlin.de [141.45.10.101]) by ietfa.amsl.com (Postfix) with ESMTP id 7482D11E844C for ; Tue, 2 Jul 2013 02:19:38 -0700 (PDT) Envelope-to: sidr@ietf.org Received: from mobi.imp.fu-berlin.de ([160.45.111.20] helo=mw-PC) by mail1.rz.htw-berlin.de with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.77 (FreeBSD)) (envelope-from ) id 1UtwkK-000Htu-MT for sidr@ietf.org; Tue, 02 Jul 2013 11:19:36 +0200 Date: Tue, 2 Jul 2013 11:19:35 +0200 From: Matthias Waehlisch To: "sidr@ietf.org" Message-ID: X-X-Sender: mw@mail2.rz.fhtw-berlin.de MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-HTW-SPAMINFO: this message was scanned by eXpurgate (http://www.eleven.de) X-HTW-DELIVERED-TO: sidr@ietf.org Subject: [sidr] Pre-IETF RPKI Workshop X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Jul 2013 09:19:42 -0000 Hi folks, some of you already know: Right before the IETF there are two RPKI activities * July 26: RPKI Tutorial and Hands-on Experiments * July 27: Workshop on RPKI Deployment Strategies Feel free to join! More details including registration: http://rpkiws.realmv6.org/ Cheers matthias -- Matthias Waehlisch . Freie Universitaet Berlin, Inst. fuer Informatik, AG CST . Takustr. 9, D-14195 Berlin, Germany .. mailto:waehlisch@ieee.org .. http://www.inf.fu-berlin.de/~waehl :. Also: http://inet.cpt.haw-hamburg.de .. http://www.link-lab.net From Sandra.Murphy@sparta.com Wed Jul 3 09:25:42 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0C6C11E811A for ; Wed, 3 Jul 2013 09:25:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xQlN97ssJzi2 for ; Wed, 3 Jul 2013 09:25:33 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id C803421F9CFE for ; Wed, 3 Jul 2013 09:25:33 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r63GPVN4008851 for ; Wed, 3 Jul 2013 11:25:32 -0500 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r63GPVJg025621 for ; Wed, 3 Jul 2013 11:25:31 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Wed, 3 Jul 2013 12:26:24 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: Draft submission deadlines change Thread-Index: AQHOd6zGcAsaLmTlgU+29v9E5y5GB5lTJJr5 Date: Wed, 3 Jul 2013 16:26:23 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F674976200@CVA-MB002.centreville.ads.sparta.com> References: <20130703051701.22549.85585.idtracker@ietfa.amsl.com> In-Reply-To: <20130703051701.22549.85585.idtracker@ietfa.amsl.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] FW: Draft submission deadlines change X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jul 2013 16:25:42 -0000 Spoke too soon about the -00 deadline. See below.=0A= =0A= --Sandy=0A= ________________________________________=0A= From: ietf-announce-bounces@ietf.org [ietf-announce-bounces@ietf.org] on be= half of IETF Chair [chair@ietf.org]=0A= Sent: Wednesday, July 03, 2013 1:17 AM=0A= To: IETF Announcement List=0A= Subject: Draft submission deadlines change=0A= =0A= Please note that for IETF 87, there is only one deadline for draft submissi= on: Monday 15th July. Previously, there had been two different deadlines, o= ne for -00 and another one for other versions. The IESG has decided to expe= riment with just one deadline for now to simplify the set of deadlines and = enable easier submission of new drafts. While we realise that the change co= mes near the deadline, we hope that you find the extra time useful.=0A= =0A= But please do note that working group chairs will continue to make smart de= cisions about what topics are worthwhile for discussing in a session in the= upcoming meeting, and will also set their agendas in a timely manner and c= reate deadlines for their working groups that must be adhered to. The earli= er new drafts are submitted, the more time there is to talk about them on t= he mailing lists and consider them for the session agendas. This is particu= larly important for BoFs.=0A= =0A= Jari Arkko for the IESG=0A= From wesley.george@twcable.com Wed Jul 3 10:11:33 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 425ED11E81F8 for ; Wed, 3 Jul 2013 10:11:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.563 X-Spam-Level: X-Spam-Status: No, score=-0.563 tagged_above=-999 required=5 tests=[AWL=-0.100, BAYES_00=-2.599, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lOSwAFPH9-xw for ; Wed, 3 Jul 2013 10:11:25 -0700 (PDT) Received: from cdpipgw02.twcable.com (cdpipgw02.twcable.com [165.237.59.23]) by ietfa.amsl.com (Postfix) with ESMTP id 3253611E80C5 for ; Wed, 3 Jul 2013 10:11:25 -0700 (PDT) X-SENDER-IP: 10.136.163.15 X-SENDER-REPUTATION: None X-IronPort-AV: E=Sophos;i="4.87,989,1363147200"; d="scan'208";a="99455475" Received: from unknown (HELO PRVPEXHUB06.corp.twcable.com) ([10.136.163.15]) by cdpipgw02.twcable.com with ESMTP/TLS/RC4-MD5; 03 Jul 2013 13:09:20 -0400 Received: from PRVPEXVS15.corp.twcable.com ([10.136.163.78]) by PRVPEXHUB06.corp.twcable.com ([10.136.163.15]) with mapi; Wed, 3 Jul 2013 13:11:24 -0400 From: "George, Wes" To: "Sriram, Kotikalapudi" , sidr wg Date: Wed, 3 Jul 2013 13:11:22 -0400 Thread-Topic: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt Thread-Index: Ac5gVbIxiE/lq0BJRdidxrvVHggrmgFm4U3wBITLPkA= Message-ID: <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com> References: <51AC8B9A.1050108@isode.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "Sandra Murphy \(Sandra.Murphy@sparta.com\)" Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jul 2013 17:11:33 -0000 Thanks for the review. I made most of the nits changes, and will post a rev= ision soon. Some comments below inline > -----Original Message----- > From: Sriram, Kotikalapudi [mailto:kotikalapudi.sriram@nist.gov] > > Please note that some minor omissions have resulted in technical > inaccuracies > in the AS_PATH and/or bgpsec update representation in the example > scenarios/solutions > (see pages 21, 23 of the attached). [WEG] I reviewed that, (eg "Comment: AS_PATH must show the actual path trav= ersed; cannot hide AS 200.") and I don't think that's correct. The entire p= oint behind this draft and its companion is that when using Local/replace A= S functions, the AS_PATH is actually manipulated and the AS that we desire = to hide *is* hidden from the AS_PATH, so I believe that the example is corr= ect as it stands. > > One key technical comment is related to an additional scenario > that may be worthwhile including for the proposed solution. > It has to do with three ISP's (or ASes) being involved in the migration > scenario: > > ISP A' ISP A' > CE-1 ---------> PE-1 -------------------> PE-3 -----------> CE-3 > 100 Old_ASN: 300 Old_ASN: 500 600 > New_ASN: 200 New_ASN: 200 > | | > | | > | | > | ISP A' | > ------------PE-2---------------- > Old_ASN: 200 > New_ASN: 200 > > Here both PE's (PE-1 on left and PE-3 right) are using Local ASN with > their respective CEs. > I have worked out (illustrated) a solution for this scenario (see page > 24 of the attachment). > This should hopefully round up (complete) the basic set of scenarios > operators > may encounter in the real world. [WEG] In looking at your example, I'm not sure whether it's totally necessa= ry as a separate scenario - it doesn't seem that the process changes any, a= nd dealing with all of these different ASNs starts becoming hard to parse. = Would it suffice to add a simple statement that this will work the same way= if there are multiple different ASNs simultaneously being migrated into th= e subsuming ASN? Anyone else in the WG have an opinion on this matter? Thanks Wes George This E-mail and any of its attachments may contain Time Warner Cable propri= etary information, which is privileged, confidential, or subject to copyrig= ht belonging to Time Warner Cable. This E-mail is intended solely for the u= se of the individual or entity to which it is addressed. If you are not the= intended recipient of this E-mail, you are hereby notified that any dissem= ination, distribution, copying, or action taken in relation to the contents= of and attachments to this E-mail is strictly prohibited and may be unlawf= ul. If you have received this E-mail in error, please notify the sender imm= ediately and permanently delete the original and any copy of this E-mail an= d any printout. From kotikalapudi.sriram@nist.gov Wed Jul 3 13:31:01 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C5B7321F9A9B for ; Wed, 3 Jul 2013 13:31:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WnwwX3n1PLhp for ; Wed, 3 Jul 2013 13:30:57 -0700 (PDT) Received: from wsget1.nist.gov (wsget1.nist.gov [129.6.13.150]) by ietfa.amsl.com (Postfix) with ESMTP id E624921F9A92 for ; Wed, 3 Jul 2013 13:30:56 -0700 (PDT) Received: from WSXGHUB2.xchange.nist.gov (129.6.18.19) by wsget1.nist.gov (129.6.13.150) with Microsoft SMTP Server (TLS) id 14.3.123.3; Wed, 3 Jul 2013 16:30:47 -0400 Received: from MBCLUSTER.xchange.nist.gov ([fe80::d479:3188:aec0:cb66]) by WSXGHUB2.xchange.nist.gov ([129.6.18.19]) with mapi; Wed, 3 Jul 2013 16:30:52 -0400 From: "Sriram, Kotikalapudi" To: "George, Wes" , sidr wg Date: Wed, 3 Jul 2013 16:30:51 -0400 Thread-Topic: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt Thread-Index: Ac5gVbIxiE/lq0BJRdidxrvVHggrmgFm4U3wBITLPkAAB4RCIA== Message-ID: References: <51AC8B9A.1050108@isode.com> <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com> In-Reply-To: <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Cc: "Sandra Murphy \(Sandra.Murphy@sparta.com\)" Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jul 2013 20:31:01 -0000 Thanks, George. Some comments in line. >> From: Sriram, Kotikalapudi [mailto:kotikalapudi.sriram@nist.gov] >> >> Please note that some minor omissions have resulted in technical >> inaccuracies in the AS_PATH and/or bgpsec update representation in the >> example scenarios/solutions (see pages 21, 23 of the attached). >[WEG] I reviewed that, (eg "Comment: AS_PATH must show the actual path >traversed; cannot hide AS 200.") and I don't think that's correct. The entire point >behind this draft and its companion is that when using Local/replace AS >functions, the AS_PATH is actually manipulated and the AS that we desire to >hide *is* hidden from the AS_PATH, so I believe that the example is correct as it >stands. The AS_PATH is a BGP-4 attribute. We shouldn't be ideally using it when we illustrate a BGPSEC update with signatures etc. in the examples (unless we refer to it as Equivalent AS_PATH or something). BGPSEC has the Secure_Path attribute instead (pages 8, 9 of the spec) http://tools.ietf.org/pdf/draft-ietf-sidr-bgpsec-protocol-07.pdf +----------------------------+ | AS Number (4 octets) | +----------------------------+ | pCount (1 octet) | +----------------------------+ | Flags (1 octet) | +----------------------------+ All ASes in the path are included in the Secure_Path, including the "hidden" ones (w/ pCount=0). In BGPSEC, the AS intended to be hidden is only implicitly hidden. The receiver cannot verify the update signatures unless all ASNs that signed are included in the Secure_Path. For the examples, I think that showing a condensed version of the Secure_Path works, where the hidden ASes are shown with pcount=0 next to them, like, Secure_Path = 200, 300(pcount=0), 100 length = sum(pcount) = 2 (length is NOT 3) > >> >> One key technical comment is related to an additional scenario that >> may be worthwhile including for the proposed solution. >> It has to do with three ISP's (or ASes) being involved in the >> migration >> scenario: >> >> ISP A' ISP A' >> CE-1 ---------> PE-1 -------------------> PE-3 -----------> CE-3 >> 100 Old_ASN: 300 Old_ASN: 500 600 >> New_ASN: 200 New_ASN: 200 >> | | >> | | >> | | >> | ISP A' | >> ------------PE-2---------------- >> Old_ASN: 200 >> New_ASN: 200 >> >> Here both PE's (PE-1 on left and PE-3 right) are using Local ASN with >> their respective CEs. >> I have worked out (illustrated) a solution for this scenario (see page >> 24 of the attachment). >> This should hopefully round up (complete) the basic set of scenarios >> operators may encounter in the real world. >[WEG] In looking at your example, I'm not sure whether it's totally necessary as >a separate scenario - it doesn't seem that the process changes any, and dealing >with all of these different ASNs starts becoming hard to parse. Would it suffice >to add a simple statement that this will work the same way if there are multiple >different ASNs simultaneously being migrated into the subsuming ASN? >Anyone else in the WG have an opinion on this matter? I would like to hear others' thoughts on this. The solution (worked out on p. 24) seems not so hard to parse to me. But it is your call. You can keep this in the reserve if you like and we can ruminate over it. There is still time until this goes to WGLC. Sriram From Sandra.Murphy@sparta.com Wed Jul 3 13:52:55 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED33111E822C for ; Wed, 3 Jul 2013 13:52:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9SCxS6CJQSl1 for ; Wed, 3 Jul 2013 13:52:49 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id C189711E80CC for ; Wed, 3 Jul 2013 13:52:48 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r63KqlrY010836; Wed, 3 Jul 2013 15:52:47 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r63KqkHJ000460; Wed, 3 Jul 2013 15:52:46 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Wed, 3 Jul 2013 16:53:39 -0400 From: "Murphy, Sandra" To: "George, Wes" , "Sriram, Kotikalapudi" , sidr wg Thread-Topic: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt Thread-Index: AQHOYGHTwLLnkHR7GEuRKeJVHdZIT5kvcDoAgCQyvwD///SYQg== Date: Wed, 3 Jul 2013 20:53:38 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F67497630A@CVA-MB002.centreville.ads.sparta.com> References: <51AC8B9A.1050108@isode.com> , <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com> In-Reply-To: <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jul 2013 20:52:55 -0000 I'm not sure about the intent of Sriram's comment, but I'd like to note tha= t the protocol spec says the AS_PATH is not in the BGP Update when the neig= hbor has negotiated bgpsec (because the AS_PATH is encapsulated in the BGPS= EC_PATH attribute):=0A= =0A= A BGPSE= C update message=0A= containing the BGPSEC_PATH attribute MUST NOT contain the AS_PATH=0A= attribute.=0A= =0A= And when the neighbor is not bgpsec capable, the AS_PATH is reconstructed f= rom the BGPSEC_Path attribute (sec 4.4), and as Wes says, that leaves the "= pcount=3D0" AS out of the reconstructed AS_PATH.=0A= =0A= --Sandy, speaking as regular ol' member=0A= =0A= From Sandra.Murphy@sparta.com Wed Jul 3 13:53:29 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE7E411E822A for ; Wed, 3 Jul 2013 13:53:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6vRvnlu3Y-Mv for ; Wed, 3 Jul 2013 13:53:24 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 2E6F511E80F5 for ; Wed, 3 Jul 2013 13:53:24 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r63KrNrI010842; Wed, 3 Jul 2013 15:53:23 -0500 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r63KrNmn000480; Wed, 3 Jul 2013 15:53:23 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Wed, 3 Jul 2013 16:54:16 -0400 From: "Murphy, Sandra" To: "Sriram, Kotikalapudi" , "George, Wes" , sidr wg Thread-Topic: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt Thread-Index: AQHOYGHTwLLnkHR7GEuRKeJVHdZIT5kvcDoAgCQyvwCAADe8gP//wVnn Date: Wed, 3 Jul 2013 20:54:15 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F674976315@CVA-MB002.centreville.ads.sparta.com> References: <51AC8B9A.1050108@isode.com> <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com>, In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Jul 2013 20:53:29 -0000 >(unless we refer to it as Equivalent AS_PATH or something).=0A= =0A= As the intent of showing that line in the example was to demonstrate the AS= _PATH that would be reconstructed from the BGPSEC_Path attribute, I think t= his suggestion works.=0A= =0A= --Sandy, speaking as regular ol' member=0A= =0A= From alexey.melnikov@isode.com Thu Jul 4 01:58:30 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 293AE21F9EA3 for ; Thu, 4 Jul 2013 01:58:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mhyhWYuJfjNm for ; Thu, 4 Jul 2013 01:58:29 -0700 (PDT) Received: from waldorf.isode.com (cl-125.lon-03.gb.sixxs.net [IPv6:2a00:14f0:e000:7c::2]) by ietfa.amsl.com (Postfix) with ESMTP id 475A821F9E7F for ; Thu, 4 Jul 2013 01:58:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1372928307; d=isode.com; s=selector; i=@isode.com; bh=oUvboS2wJ7yhnHjIrmq3gdI9gioxLq5W5tiebs5XWjE=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=FK9ogJfJK2xJCywavRo29ZuWZuQ7V0jYIuH/I0+m95oBsGmhB6+KHQZYIupeGi6LCygx0m +AX3uImYwQ+qHTWzAs+kB0qlSEJaMRuaxfGdg605ePNJGB+8tDgnlwAauPqOZk3L6DsCPA SuURLna6yPBMGV3bjUOs98XT0RvVSks=; Received: from [172.16.1.29] (shiny.isode.com [62.3.217.250]) by waldorf.isode.com (submission channel) via TCP with ESMTPA id ; Thu, 4 Jul 2013 09:58:27 +0100 Message-ID: <51D5396D.3040904@isode.com> Date: Thu, 04 Jul 2013 09:59:25 +0100 From: Alexey Melnikov User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 To: sidr wg References: <51AC8B9A.1050108@isode.com> In-Reply-To: <51AC8B9A.1050108@isode.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jul 2013 08:58:30 -0000 On 03/06/2013 13:27, Alexey Melnikov wrote: > On behalf of SIDR chairs (Chris and myself, as Sandy is a co-author) I > am starting 2 weeks WG acceptance call onthis document, ending on June > 17th. Please send your comments, positive or negative to the mailing > list or directly to WG chairs. I've seen 6 or so people speaking in favour of adopting the document (with some comments which can be addressed later) and nobody against, so this document is now accepted as a WG document. Thank you, Alexey, as a co-chair. From Sandra.Murphy@sparta.com Thu Jul 4 14:35:57 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0ED9B11E81CE for ; Thu, 4 Jul 2013 14:35:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a0VsS3VlUCtv for ; Thu, 4 Jul 2013 14:35:53 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id D2F4A11E81B4 for ; Thu, 4 Jul 2013 14:35:52 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r64LZpnP014183 for ; Thu, 4 Jul 2013 16:35:51 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r64LZoC9012578 for ; Thu, 4 Jul 2013 16:35:51 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Thu, 4 Jul 2013 17:36:41 -0400 From: "Murphy, Sandra" To: sidr wg list Thread-Topic: WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt Thread-Index: AQHOeP5fNE9ZmHDHgkWYQ//us2zAkA== Date: Thu, 4 Jul 2013 21:36:41 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jul 2013 21:35:57 -0000 On behalf of the sidr co-chairs, this opens a two week wg adoption call for= the draft draft-ymbk-rpki-rtr-keys-01.txt. The wg adoption call will end = 18 July 2013. Please respond to the list as to whether you agree the wg should take this = on as a wg work item. (It is not necessary to comment on the draft content= at this time.) --Sandy, speaking as wg co-chair ________________________________________ From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Randy Bush= [randy@psg.com] Sent: Monday, April 08, 2013 8:57 PM To: sidr wg list Subject: [sidr] draft-ymbk-rpki-rtr-keys-01.txt chairs, could you please turn the crank to move this through wg adoption? thanks fwiw, i doubt it will move through to wglc/rfc, but rather a 6810bis may be the better path. randy From: internet-drafts@ietf.org To: randy@psg.com Cc: keyupate@cisco.com, turners@ieca.com Subject: New Version Notification for draft-ymbk-rpki-rtr-keys-01.txt Message-ID: <20130409005340.26017.92925.idtracker@ietfa.amsl.com> Date: Mon, 08 Apr 2013 17:53:40 -0700 A new version of I-D, draft-ymbk-rpki-rtr-keys-01.txt has been successfully submitted by Randy Bush and posted to the IETF repository. Filename: draft-ymbk-rpki-rtr-keys Revision: 01 Title: Router Key PDU for RPKI-Router Protocol Creation date: 2013-04-09 Group: Individual Submission Number of pages: 5 URL: http://www.ietf.org/internet-drafts/draft-ymbk-rpki-rtr-ke= =3D ys-01.txt Status: http://datatracker.ietf.org/doc/draft-ymbk-rpki-rtr-keys Htmlized: http://tools.ietf.org/html/draft-ymbk-rpki-rtr-keys-01 Diff: http://www.ietf.org/rfcdiff?url2=3D3Ddraft-ymbk-rpki-rtr-k= ey=3D s-01 Abstract: The RPKI/Router Protocol v0 is specified to carry the PDUs necessary for RPKI-based Origin Validation. For BGPsec Path Validation, the routers also need data extracted from BGPsec Router Certificates. This document adds a PDU to the RPKI/Router Protocol to carry those data. The IETF Secretariat _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr= From kotikalapudi.sriram@nist.gov Fri Jul 5 06:11:25 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B195611E82D0 for ; Fri, 5 Jul 2013 06:11:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NMo29jxa6Uff for ; Fri, 5 Jul 2013 06:11:19 -0700 (PDT) Received: from wsget1.nist.gov (wsget1.nist.gov [129.6.13.150]) by ietfa.amsl.com (Postfix) with ESMTP id 0F1AF11E82CC for ; Fri, 5 Jul 2013 06:11:19 -0700 (PDT) Received: from WSXGHUB1.xchange.nist.gov (129.6.18.96) by wsget1.nist.gov (129.6.13.150) with Microsoft SMTP Server (TLS) id 14.3.123.3; Fri, 5 Jul 2013 09:11:09 -0400 Received: from MBCLUSTER.xchange.nist.gov ([fe80::d479:3188:aec0:cb66]) by WSXGHUB1.xchange.nist.gov ([129.6.18.96]) with mapi; Fri, 5 Jul 2013 09:11:17 -0400 From: "Sriram, Kotikalapudi" To: "Murphy, Sandra" , "George, Wes" , sidr wg Date: Fri, 5 Jul 2013 09:11:16 -0400 Thread-Topic: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt Thread-Index: AQHOYGHTwLLnkHR7GEuRKeJVHdZIT5kvcDoAgCQyvwCAADe8gP//wVnngAKg2RE= Message-ID: References: <51AC8B9A.1050108@isode.com> <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com>, , <24B20D14B2CD29478C8D5D6E9CBB29F674976315@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F674976315@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jul 2013 13:11:25 -0000 >>(unless we refer to it as Equivalent AS_PATH or something). >As the intent of showing that line in the example was to demonstrate the AS_PATH that would be reconstructed from the BGPSEC_Path attribute, I think this suggestion works. Yep, would be fine with me. If you wished to stick with bgpsec taxonomy, the alternate suggestion was (example): Secure_Path = 200, 300(pcount=0), 100 length = sum(pcount) = 2 (length is NOT 3) Conveys the same message that the AS path length would not be increased. Sriram From wesley.george@twcable.com Mon Jul 8 05:57:01 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAF6921F85B3 for ; Mon, 8 Jul 2013 05:57:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.53 X-Spam-Level: X-Spam-Status: No, score=-0.53 tagged_above=-999 required=5 tests=[AWL=-0.067, BAYES_00=-2.599, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5wVd7AkQgvYk for ; Mon, 8 Jul 2013 05:56:56 -0700 (PDT) Received: from cdpipgw02.twcable.com (cdpipgw02.twcable.com [165.237.59.23]) by ietfa.amsl.com (Postfix) with ESMTP id D49CD21F859A for ; Mon, 8 Jul 2013 05:56:49 -0700 (PDT) X-SENDER-IP: 10.136.163.10 X-SENDER-REPUTATION: None X-IronPort-AV: E=Sophos;i="4.87,1020,1363147200"; d="scan'208";a="101450938" Received: from unknown (HELO PRVPEXHUB01.corp.twcable.com) ([10.136.163.10]) by cdpipgw02.twcable.com with ESMTP/TLS/RC4-MD5; 08 Jul 2013 08:56:48 -0400 Received: from PRVPEXVS15.corp.twcable.com ([10.136.163.79]) by PRVPEXHUB01.corp.twcable.com ([10.136.163.10]) with mapi; Mon, 8 Jul 2013 08:56:49 -0400 From: "George, Wes" To: "Sriram, Kotikalapudi" , "Murphy, Sandra" , sidr wg Date: Mon, 8 Jul 2013 08:56:48 -0400 Thread-Topic: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt Thread-Index: AQHOYGHTwLLnkHR7GEuRKeJVHdZIT5kvcDoAgCQyvwCAADe8gP//wVnngAKg2RGABLbT4A== Message-ID: <2671C6CDFBB59E47B64C10B3E0BD59230436AE402A@PRVPEXVS15.corp.twcable.com> References: <51AC8B9A.1050108@isode.com> <2671C6CDFBB59E47B64C10B3E0BD59230435C894AB@PRVPEXVS15.corp.twcable.com>, , <24B20D14B2CD29478C8D5D6E9CBB29F674976315@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jul 2013 12:57:01 -0000 Thanks for clarifying, that makes sense to me as well, and I'll work to cla= rify in the examples and elsewhere in the document where appropriate. Wes > -----Original Message----- > From: Sriram, Kotikalapudi [mailto:kotikalapudi.sriram@nist.gov] > Sent: Friday, July 05, 2013 9:11 AM > To: Murphy, Sandra; George, Wes; sidr wg > Subject: RE: [sidr] Acceptance call for draft-george-sidr-as-migration- > 01.txt > > >>(unless we refer to it as Equivalent AS_PATH or something). > > >As the intent of showing that line in the example was to demonstrate > the AS_PATH that would be reconstructed from the BGPSEC_Path attribute, > I think this suggestion works. > > Yep, would be fine with me. > If you wished to stick with bgpsec taxonomy, the alternate suggestion > was (example): > Secure_Path =3D 200, 300(pcount=3D0), 100 > length =3D sum(pcount) =3D 2 (length is NOT 3) > > Conveys the same message that the AS path length would not be increased. > > Sriram > > This E-mail and any of its attachments may contain Time Warner Cable propri= etary information, which is privileged, confidential, or subject to copyrig= ht belonging to Time Warner Cable. This E-mail is intended solely for the u= se of the individual or entity to which it is addressed. If you are not the= intended recipient of this E-mail, you are hereby notified that any dissem= ination, distribution, copying, or action taken in relation to the contents= of and attachments to this E-mail is strictly prohibited and may be unlawf= ul. If you have received this E-mail in error, please notify the sender imm= ediately and permanently delete the original and any copy of this E-mail an= d any printout. From kent@bbn.com Mon Jul 8 06:20:42 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0733221F9C37 for ; Mon, 8 Jul 2013 06:20:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K7NbzsNC0T4T for ; Mon, 8 Jul 2013 06:20:36 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id ACA2E21F9C33 for ; Mon, 8 Jul 2013 06:20:31 -0700 (PDT) Received: from dommiel.bbn.com ([192.1.122.15]:47133 helo=comsec.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from ) id 1UwBMe-000NKU-SU for sidr@ietf.org; Mon, 08 Jul 2013 09:20:25 -0400 Message-ID: <51DABC9A.5040007@bbn.com> Date: Mon, 08 Jul 2013 09:20:26 -0400 From: Stephen Kent User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: sidr@ietf.org References: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jul 2013 13:20:42 -0000 I support adoption of this draft. Steve ------- On 7/4/13 5:36 PM, Murphy, Sandra wrote: > On behalf of the sidr co-chairs, this opens a two week wg adoption call for the draft draft-ymbk-rpki-rtr-keys-01.txt. The wg adoption call will end 18 July 2013. > > Please respond to the list as to whether you agree the wg should take this on as a wg work item. (It is not necessary to comment on the draft content at this time.) > > --Sandy, speaking as wg co-chair > From rogaglia@cisco.com Mon Jul 8 07:51:00 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C67D21F9A79 for ; Mon, 8 Jul 2013 07:51:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.599 X-Spam-Level: X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2C2uLG5fnZHn for ; Mon, 8 Jul 2013 07:50:55 -0700 (PDT) Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) by ietfa.amsl.com (Postfix) with ESMTP id 5FDAF21F9A87 for ; Mon, 8 Jul 2013 07:50:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=9167; q=dns/txt; s=iport; t=1373295055; x=1374504655; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=aFXJ4vSUPlrUNHKlvXDz6Tt9gk3HbZGUPhL8/n4Q4Ww=; b=evZo4Qqcntv9jatN9vRntoF4SwwspIpwbEh7Z1mHumutWOuE7rpFyFc+ bvpqriNq65UmeK9DcC6IEEZK+QaeDDl/TIyGB0bk1zgEnL58HWH7pmAud 4PgqtZB6t4d51oggbd963tOriFzB7zAUQ+HRWwB3H3a0UySR3HNU6aUAg A=; X-Files: smime.p7s : 4459 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AhYFAPbQ2lGtJV2c/2dsb2JhbABagwkyRwbAY4ERFnSCIwEBAQMBAQEBGlELBQsCAQgRAwEBAQskAiULHQgCBA4FCAEFh3sGBwW4TI86BhAKEQcEAoMBaQOQC4Eth0SQH4MRgWokGg X-IronPort-AV: E=Sophos;i="4.87,1020,1363132800"; d="p7s'?scan'208";a="232145602" Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-3.cisco.com with ESMTP; 08 Jul 2013 14:50:50 +0000 Received: from xhc-aln-x01.cisco.com (xhc-aln-x01.cisco.com [173.36.12.75]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id r68EooI7013616 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 8 Jul 2013 14:50:50 GMT Received: from xmb-rcd-x02.cisco.com ([169.254.4.192]) by xhc-aln-x01.cisco.com ([173.36.12.75]) with mapi id 14.02.0318.004; Mon, 8 Jul 2013 09:50:49 -0500 From: "Roque Gagliano (rogaglia)" To: "Murphy, Sandra" Thread-Topic: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt Thread-Index: AQHOe+qJQAQMsipAuUSlsGv8U+J5/w== Date: Mon, 8 Jul 2013 14:50:49 +0000 Message-ID: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [10.147.19.137] Content-Type: multipart/signed; boundary="Apple-Mail=_949E2474-8179-4145-A894-0F9ADB9656E7"; protocol="application/pkcs7-signature"; micalg=sha1 MIME-Version: 1.0 Cc: sidr wg list Subject: Re: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jul 2013 14:51:01 -0000 --Apple-Mail=_949E2474-8179-4145-A894-0F9ADB9656E7 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii I support adoption. Roque On Jul 4, 2013, at 11:36 PM, "Murphy, Sandra" = wrote: > On behalf of the sidr co-chairs, this opens a two week wg adoption = call for the draft draft-ymbk-rpki-rtr-keys-01.txt. The wg adoption = call will end 18 July 2013. >=20 > Please respond to the list as to whether you agree the wg should take = this on as a wg work item. (It is not necessary to comment on the draft = content at this time.) >=20 > --Sandy, speaking as wg co-chair >=20 > ________________________________________ > From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Randy = Bush [randy@psg.com] > Sent: Monday, April 08, 2013 8:57 PM > To: sidr wg list > Subject: [sidr] draft-ymbk-rpki-rtr-keys-01.txt >=20 > chairs, >=20 > could you please turn the crank to move this through wg adoption? > thanks >=20 > fwiw, i doubt it will move through to wglc/rfc, but rather a 6810bis > may be the better path. >=20 > randy >=20 >=20 > From: internet-drafts@ietf.org > To: randy@psg.com > Cc: keyupate@cisco.com, turners@ieca.com > Subject: New Version Notification for draft-ymbk-rpki-rtr-keys-01.txt > Message-ID: <20130409005340.26017.92925.idtracker@ietfa.amsl.com> > Date: Mon, 08 Apr 2013 17:53:40 -0700 >=20 >=20 > A new version of I-D, draft-ymbk-rpki-rtr-keys-01.txt > has been successfully submitted by Randy Bush and posted to the > IETF repository. >=20 > Filename: draft-ymbk-rpki-rtr-keys > Revision: 01 > Title: Router Key PDU for RPKI-Router Protocol > Creation date: 2013-04-09 > Group: Individual Submission > Number of pages: 5 > URL: = http://www.ietf.org/internet-drafts/draft-ymbk-rpki-rtr-ke=3D > ys-01.txt > Status: = http://datatracker.ietf.org/doc/draft-ymbk-rpki-rtr-keys > Htmlized: = http://tools.ietf.org/html/draft-ymbk-rpki-rtr-keys-01 > Diff: = http://www.ietf.org/rfcdiff?url2=3D3Ddraft-ymbk-rpki-rtr-key=3D > s-01 >=20 > Abstract: > The RPKI/Router Protocol v0 is specified to carry the PDUs necessary > for RPKI-based Origin Validation. For BGPsec Path Validation, the > routers also need data extracted from BGPsec Router Certificates. > This document adds a PDU to the RPKI/Router Protocol to carry those > data. >=20 > The IETF Secretariat >=20 > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr --Apple-Mail=_949E2474-8179-4145-A894-0F9ADB9656E7 Content-Disposition: attachment; filename="smime.p7s" Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIINSTCCBkIw ggUqoAMCAQICEDirAC//rpa3Vv85Wvtd5xswDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y azE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ug b25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0 aW9uIEF1dGhvcml0eSAtIEczMB4XDTExMDkwMTAwMDAwMFoXDTIxMDgzMTIzNTk1OVowgaYxCzAJ BgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50 ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQD Ey5TeW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEc0MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuwn/R1j9DsdisHTHMjIgoa2uEqGkqqBXHLKMA0vnkEi VzAhJZCao/SsKsaIF4ZhchN2LuwDyyebjyCAN+DkitpVplAP/LlcI2mJQqG6H6/vDvmkyQrx+Dey xtmSSq5937hEH5u6P4wG/tgjT0hRI2pghKjuJy9g35byGiqMPI8AzE/L+iCOvDX24fCatgXz/B0/ xhR7DtryBeTTgwKmxWlwtKnkVunbHVz0pjbia7UeKi3cvrvuOgSwMAitX2hsxr0GloiE5+apZC28 ODC7iCbDZ2ZmtLR3+cChxw5y72bi5bnK4POFdzWY3tQcsP5mceI4y258T0BV65fZqBge7QIDAQAB o4ICRDCCAkAwOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABhhxodHRwOi8vcGtpLW9jc3AudmVy aXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwbAYDVR0gBGUwYzBhBgtghkgBhvhFAQcXATBS MCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpo dHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8vY3JsLnZl cmlzaWduLmNvbS9wY2ExLWczLmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAY BgNVBAMTEVZlcmlTaWduTVBLSS0yLTk3MB0GA1UdDgQWBBSt+cOTci21uShh5KTXYNXECl4aATCB 8QYDVR0jBIHpMIHmoYHQpIHNMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIElu Yy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZl cmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHM4IRAItb dVaEVIULAM+vOEjOsaQwDQYJKoZIhvcNAQEFBQADggEBANaPwdqbiPKzbE0fWC+6AVFddMFG6MO4 e5/WQPHv/zK6iWvADjRDn6SZ5qTwXUgzYoWFYf4jiCKMYJsrnGVJlMSiOCRIpVylUEto6WIip5Po mSJuPVu7EEIOH0x1RzRWCY/4vYw881y70pZwVHBiTe/REL6dSCxe7IZrB4LwPeElJygs4BZ2HrP9 5WKW0oo9Xyuu+1zCE7dlY8s0dkOf1oeZq26tlcEAP0Yngf813iMOQ9wUXzL5yinvwlIw9ZnduYH4 OiUgjYJo8rkhhXRmBOGGORYy8i3WKqjJ3tkAAk/jGCDFpYFWtpXe04Kt+HslvmR8LqC6cCz4+XXi dE0HbYQwggb/MIIF56ADAgECAhAYf+/XztcT+E2kExj0ut5oMA0GCSqGSIb3DQEBBQUAMIGmMQsw CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFu dGVjIFRydXN0IE5ldHdvcmsxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUGA1UE AxMuU3ltYW50ZWMgQ2xhc3MgMSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHNDAeFw0xMzA1 MTQwMDAwMDBaFw0xNDA1MTUyMzU5NTlaMIHEMS4wLAYDVQQDDCVQZXJzb25hIE5vdCBWYWxpZGF0 ZWQgLSAxMzY4NTI0MDEwMDczMSEwHwYJKoZIhvcNAQkBFhJyb2dhZ2xpYUBjaXNjby5jb20xDzAN BgNVBAsMBlMvTUlNRTEeMBwGA1UECwwVUGVyc29uYSBOb3QgVmFsaWRhdGVkMR8wHQYDVQQLDBZT eW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQKDBRTeW1hbnRlYyBDb3Jwb3JhdGlvbjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/aDENz/1kQVeEyPK5cHw3n9c4ErU13WONPXjL7 fHYj0Yr/DSGbdyiWZ001bkIMPxvJbxv4r5EaTq72gHxhTF/frLoM5+sEKAErBPuOqpAAYlxo4uyK U1pQzPy+3rtlVRStNUAJZHVN4kYtHRghGoBCkqh2JoSBMCgc41Mr1UvS3dI4kp5lKEqutKjoDtdc /O4Kee/CLzEy0D8QNOF7OSjrPmed1jsAxxqsv9EHMJvG9z/CIXF2Q/kYf24ozeujCPZVaOTjWVsd BsZSNUaD9LyeGQBtGCXq7e0rUEFPZfsdxUoBoVeTYRYIcloFuiG4QQsvjr6rlFZDbXEhOWOJnRsC AwEAAaOCAwcwggMDMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMCAGA1UdJQEB/wQWMBQG CCsGAQUFBwMEBggrBgEFBQcDAjAdBgNVHQ4EFgQU+K3xGZv+qs21HN5cJGWwMOyfwHcwHQYDVR0R BBYwFIEScm9nYWdsaWFAY2lzY28uY29tMB8GA1UdIwQYMBaAFK35w5NyLbW5KGHkpNdg1cQKXhoB MIIBKwYIKwYBBQUHAQEEggEdMIIBGTCCARUGCCsGAQUFBzAChoIBB2xkYXA6Ly9kaXJlY3Rvcnku dmVyaXNpZ24uY29tL0NOJTIwJTNEJTIwU3ltYW50ZWMlMjBDbGFzcyUyMDElMjBJbmRpdmlkdWFs JTIwU3Vic2NyaWJlciUyMENBJTIwLSUyMEc0JTJDJTIwT1UlMjAlM0QlMjBQZXJzb25hJTIwTm90 JTIwVmFsaWRhdGVkJTJDJTIwT1UlMjAlM0QlMjBTeW1hbnRlYyUyMFRydXN0JTIwTmV0d29yayUy QyUyME8lMjAlM0QlMjBTeW1hbnRlYyUyMENvcnBvcmF0aW9uJTJDJTIwQyUyMCUzRCUyMFVTP2NB Q2VydGlmaWNhdGU7YmluYXJ5MF0GA1UdHwRWMFQwUqBQoE6GTGh0dHA6Ly9wa2ktY3JsLnN5bWF1 dGguY29tL2NhXzU2MWMxMDM2OTBjOTdhNjkyNDdhMGVmMDcxYWM4MWFmL0xhdGVzdENSTC5jcmww bAYDVR0gBGUwYzBhBgtghkgBhvhFAQcXATBSMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1 dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpodHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTArBgpg hkgBhvhFARADBB0wGwYSYIZIAYb4RQEQAQICBAGGx85vFgUxMDkyMjA5BgpghkgBhvhFARAFBCsw KQIBABYkYUhSMGNITTZMeTl3YTJrdGNtRXVjM2x0WVhWMGFDNWpiMjA9MA0GCSqGSIb3DQEBBQUA A4IBAQA9KvHI6pN0/W4MJl3cATuTU0cdkjZBvfztljunVmn72rij+hJKzSg8lGawguiccFWVqqEl sMIAinuB1zqFe1ILchliltXEj5vPI+HyGxn5akhQuzk7/hmAfs00CC1hbC1HB8r+b7R2s/bkJ7YY fpE0lMd7exB62MccwKh5yFCgxIvxG/irFLjNicpW/C6ixzmuPoKQO9Rs5H9oBnYVxtGpORPt6H5+ DINZOpsbDcnNgi3mIpSK0lapSzVUueOWBJwS5sfjOLe5pBbpvarrZp0zs0gADupX5u1bH0DpSwj1 zN5wP/p5f2h0L2i4rpaU05LLgBzh0JTy+zidLpU8NgAhMYID5DCCA+ACAQEwgbswgaYxCzAJBgNV BAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMg VHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5T eW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEc0AhAYf+/XztcT+E2k Exj0ut5oMAkGBSsOAwIaBQCgggH9MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN AQkFMQ8XDTEzMDcwODE0NTA0OFowIwYJKoZIhvcNAQkEMRYEFGmNDjRy8nTFf4vQw0H1F2rRR2PL MIHMBgkrBgEEAYI3EAQxgb4wgbswgaYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBD b3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVy c29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5TeW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwg U3Vic2NyaWJlciBDQSAtIEc0AhAYf+/XztcT+E2kExj0ut5oMIHOBgsqhkiG9w0BCRACCzGBvqCB uzCBpjELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQL ExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR4wHAYDVQQLExVQZXJzb25hIE5vdCBWYWxpZGF0ZWQx NzA1BgNVBAMTLlN5bWFudGVjIENsYXNzIDEgSW5kaXZpZHVhbCBTdWJzY3JpYmVyIENBIC0gRzQC EBh/79fO1xP4TaQTGPS63mgwDQYJKoZIhvcNAQEBBQAEggEAvr1PQdyxZmplY554UV80fzIojtEr 9BBD7yx0dUqzWmUIENfDHFeTCV/ddA5y3CCnTVK8OnWZP0VCZsD7OhQO1NOfAPjedtZ7XgqtOo2v ylAlrvh/lF/jr1L/IHEkeAoLpztiM8WKOMBx3QQZUYzQNhtHx9eS6amkiJC2fO+4FkBnhzHooi9L w2Kf2EARjwqGql13W9L6wIkxgS9H/ioiAM+nS2TldON0hA8MzQc+s1IfTCVy5cqirew9uGSHyhcZ bv/jKtTRbk3Lw7OXXzrd81MIyIu1EBB2gEaaHG0u4MLnbR4jm4XOJ0lg+KgkFmJqvLeMe2BQhLM8 JCkOE+BwGgAAAAAAAA== --Apple-Mail=_949E2474-8179-4145-A894-0F9ADB9656E7-- From wesley.george@twcable.com Mon Jul 8 08:14:18 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 28B0C21F9CD6 for ; Mon, 8 Jul 2013 08:14:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.013 X-Spam-Level: X-Spam-Status: No, score=-1.013 tagged_above=-999 required=5 tests=[AWL=0.450, BAYES_00=-2.599, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 80ZUBSUAoEix for ; Mon, 8 Jul 2013 08:14:13 -0700 (PDT) Received: from cdpipgw01.twcable.com (cdpipgw01.twcable.com [165.237.59.22]) by ietfa.amsl.com (Postfix) with ESMTP id E49B121F9CD4 for ; Mon, 8 Jul 2013 08:14:03 -0700 (PDT) X-SENDER-IP: 10.136.163.11 X-SENDER-REPUTATION: None X-IronPort-AV: E=Sophos;i="4.87,1020,1363147200"; d="scan'208";a="104848659" Received: from unknown (HELO PRVPEXHUB02.corp.twcable.com) ([10.136.163.11]) by cdpipgw01.twcable.com with ESMTP/TLS/RC4-MD5; 08 Jul 2013 11:13:14 -0400 Received: from PRVPEXVS15.corp.twcable.com ([10.136.163.79]) by PRVPEXHUB02.corp.twcable.com ([10.136.163.11]) with mapi; Mon, 8 Jul 2013 11:13:15 -0400 From: "George, Wes" To: Terry Manderson , sidr wg Date: Mon, 8 Jul 2013 11:13:13 -0400 Thread-Topic: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt Thread-Index: Ac5mPPk1v6O42hwPQj2JuqY6+HEyvAVr852A Message-ID: <2671C6CDFBB59E47B64C10B3E0BD59230436AE4223@PRVPEXVS15.corp.twcable.com> References: <51AC8B9A.1050108@isode.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jul 2013 15:14:18 -0000 > From: sidr-bounces@ietf.org [mailto:sidr-bounces@ietf.org] On Behalf Of > Terry Manderson > Sent: Monday, June 10, 2013 8:45 PM > To: Alexey Melnikov; sidr wg > Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration- > 01.txt > > > As NIT fodder, I'd prefer to see documentation ASNs used (that applies > to > draft-ga-idr-as-migration as well, but that might be just me ;) > [WEG] Terry - I was working to incorporate comments, and wanted to address = this one... I was hesitant to use the documentation ASNs because they are e= asily confused with private ASNs, and since I am explicitly talking about s= omething that deals with public ASNs (vs confeds with private), I wanted to= avoid confusion. So it was a conscious decision, but one that I can certai= nly change if others also believe that this is best suited to use the docum= entation ASNs. Thanks Wes George This E-mail and any of its attachments may contain Time Warner Cable propri= etary information, which is privileged, confidential, or subject to copyrig= ht belonging to Time Warner Cable. This E-mail is intended solely for the u= se of the individual or entity to which it is addressed. If you are not the= intended recipient of this E-mail, you are hereby notified that any dissem= ination, distribution, copying, or action taken in relation to the contents= of and attachments to this E-mail is strictly prohibited and may be unlawf= ul. If you have received this E-mail in error, please notify the sender imm= ediately and permanently delete the original and any copy of this E-mail an= d any printout. From randy@psg.com Mon Jul 8 16:00:46 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAACB21F9B06 for ; Mon, 8 Jul 2013 16:00:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.582 X-Spam-Level: X-Spam-Status: No, score=-2.582 tagged_above=-999 required=5 tests=[AWL=0.017, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B-cBYWpLanHq for ; Mon, 8 Jul 2013 16:00:46 -0700 (PDT) Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:1::36]) by ietfa.amsl.com (Postfix) with ESMTP id 61E1D21F9B03 for ; Mon, 8 Jul 2013 16:00:46 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1UwKQF-000HhH-0J; Mon, 08 Jul 2013 23:00:43 +0000 Date: Mon, 08 Jul 2013 13:00:41 -1000 Message-ID: From: Randy Bush To: "George, Wes" In-Reply-To: <2671C6CDFBB59E47B64C10B3E0BD59230436AE4223@PRVPEXVS15.corp.twcable.com> References: <51AC8B9A.1050108@isode.com> <2671C6CDFBB59E47B64C10B3E0BD59230436AE4223@PRVPEXVS15.corp.twcable.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: sidr wg Subject: Re: [sidr] Acceptance call for draft-george-sidr-as-migration-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jul 2013 23:00:46 -0000 > I was hesitant to use the documentation ASNs because they are easily > confused with private ASNs so we should have the iana throw away the doc as numbers? this makes no sense to me. randy From internet-drafts@ietf.org Wed Jul 10 10:57:12 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA91221F9DE1; Wed, 10 Jul 2013 10:57:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.536 X-Spam-Level: X-Spam-Status: No, score=-102.536 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VllTFde0NNV9; Wed, 10 Jul 2013 10:57:12 -0700 (PDT) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 67D9B21F9DDD; Wed, 10 Jul 2013 10:57:12 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 4.51.p2 Message-ID: <20130710175711.7957.72528.idtracker@ietfa.amsl.com> Date: Wed, 10 Jul 2013 10:57:11 -0700 Cc: sidr@ietf.org Subject: [sidr] I-D Action: draft-ietf-sidr-as-migration-00.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jul 2013 17:57:12 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the Secure Inter-Domain Routing Working Group= of the IETF. Title : BGPSec Considerations for AS Migration Author(s) : Wesley George Sandy Murphy Filename : draft-ietf-sidr-as-migration-00.txt Pages : 14 Date : 2013-07-10 Abstract: This draft discusses considerations and methods for supporting and securing a common method for AS-Migration within the BGPSec protocol. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-sidr-as-migration There's also a htmlized version available at: http://tools.ietf.org/html/draft-ietf-sidr-as-migration-00 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From wesley.george@twcable.com Wed Jul 10 11:13:13 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F0D121F9ED6 for ; Wed, 10 Jul 2013 11:13:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.58 X-Spam-Level: X-Spam-Status: No, score=-0.58 tagged_above=-999 required=5 tests=[AWL=-0.117, BAYES_00=-2.599, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FK+v5FcYrzWz for ; Wed, 10 Jul 2013 11:13:09 -0700 (PDT) Received: from cdcipgw02.twcable.com (cdcipgw02.twcable.com [165.237.91.111]) by ietfa.amsl.com (Postfix) with ESMTP id 1A70621F9EC1 for ; Wed, 10 Jul 2013 11:13:08 -0700 (PDT) X-SENDER-IP: 10.136.163.10 X-SENDER-REPUTATION: None X-IronPort-AV: E=Sophos;i="4.87,1037,1363147200"; d="scan'208";a="26499929" Received: from unknown (HELO PRVPEXHUB01.corp.twcable.com) ([10.136.163.10]) by cdcipgw02.twcable.com with ESMTP/TLS/RC4-MD5; 10 Jul 2013 14:12:58 -0400 Received: from PRVPEXVS15.corp.twcable.com ([10.136.163.79]) by PRVPEXHUB01.corp.twcable.com ([10.136.163.10]) with mapi; Wed, 10 Jul 2013 14:13:06 -0400 From: "George, Wes" To: "sidr wg list (sidr@ietf.org)" Date: Wed, 10 Jul 2013 14:13:05 -0400 Thread-Topic: New SIDR-AS-Migration revision notes Thread-Index: Ac59mRmzBOk7iK3bRj6Fa/pO67WGiw== Message-ID: <2671C6CDFBB59E47B64C10B3E0BD592304370D87EE@PRVPEXVS15.corp.twcable.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 Subject: [sidr] New SIDR-AS-Migration revision notes X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jul 2013 18:13:13 -0000 TmV3IHZlcnNpb24gb2YgdGhlIGRyYWZ0IGZvcm1lcmx5IGtub3duIGFzIGRyYWZ0LWdlb3JnZS1z aWRyLWFzLW1pZ3JhdGlvbg0KDQpUaGlzIHZlcnNpb24gaW5jb3Jwb3JhdGVzIGEgZ29vZCBiaXQg b2YgZmVlZGJhY2sgZnJvbSBzZXZlcmFsIHJldmlld3Mgb2YgdGhlIHByZXZpb3VzIHZlcnNpb24s IGNoYW5nZXMgdG8gZG9jdW1lbnRhdGlvbiBBU05zLCBhbmQgcmVuYW1lZCB0byByZWZsZWN0IFdH IGFkb3B0aW9uLiBUaGUgb25seSB0aGluZyBub3QgaW5jb3Jwb3JhdGVkIHdhcyBTcmlyYW0ncyBh ZGRpdGlvbmFsIGV4YW1wbGUgY2FzZSBoZSBzdWdnZXN0ZWQgaW4gaGlzIHByZXZpb3VzIHJldmll dyBtZXNzYWdlLCBiZWNhdXNlIEkgYW0gYXdhaXRpbmcgZmVlZGJhY2sgYXMgdG8gd2hldGhlciB0 aGF0IGlzIGhlbHBmdWwgb3IgbmVjZXNzYXJ5Lg0KDQpJIGFsc28gcG9zdGVkIGEgbmV3IHZlcnNp b24gb2YgdGhlIGNvbXBhbmlvbiBkcmFmdCBpbiBJRFIsIGJ1dCB0aGF0J3MgbWFpbmx5IGxpbWl0 ZWQgdG8gY2hhbmdlcyB0byBpdHMgZXhhbXBsZSBBU05zIHNvIHRoYXQgdGhlIHR3byBkb2N1bWVu dHMgcmVtYWluIGNvbnNpc3RlbnQuIEl0IHdvdWxkIGJlIGhlbHBmdWwgdG8gZ2V0IGFub3RoZXIg c2V0IG9mIGV5ZXMgdG8gbG9vayBhdCB0aGUgIkludGVybmFsIEJHUCBBbGlhcyIgc2VjdGlvbiBv ZiB0aGF0IGRvY3VtZW50IChzZWUgZHJhZnQtZ2EtaWRyLWFzLW1pZ3JhdGlvbiBzZWN0aW9uIDQu MSkgYW5kIHNlZSBpZiBhbnkgYWRkaXRpb25hbCB0ZXh0IGlzIHJlcXVpcmVkIGluIHRoZSBTSURS IGRvY3VtZW50IHRvIGFkZHJlc3MgdGhhdC4gSSBkb24ndCB0aGluayB0aGVyZSdzIGFueXRoaW5n IHRvbyBncm91bmRicmVha2luZyB0aGVyZSwgbWFpbmx5IHRoZSBxdWVzdGlvbiBvZiB3aGV0aGVy IHdlIG5lZWQgdG8gZXhwbGljaXRseSBkaXNjdXNzIHRoZSBCR1BTZWMgYmVoYXZpb3IgZm9yIGEg Y29tbWFuZCBzd2l0Y2ggdGhhdCBiYXNpY2FsbHkgYWxsb3dzIGEgUEUgdG8gYWNjZXB0IGEgQkdQ IHNlc3Npb24gZnJvbSBlaXRoZXIgdGhlIG9sZCBBU04gb3IgdGhlIG5ldywgcmF0aGVyIHRoYW4g YmVpbmcgZXhwbGljaXRseSBjb25maWd1cmVkIGZvciBvbmUgb3IgdGhlIG90aGVyLiBXZSBhbHJl YWR5IGhhdmUgZGVzY3JpYmVkIHdoYXQgaGFwcGVucyB3aGVuIGl0IGlzIHBlZXJlZCB3aXRoIHRo ZSBvbGQgQVNOLCBhbmQgdGhlIG5ldyBBU04gd291bGQgYmUgc3RhbmRhcmQgY29uZmlndXJhdGlv biwgd2hlcmUgbm9uZSBvZiB0aGVzZSB0d2Vha3MgdG8gc3VwcG9ydCBBUyBNaWdyYXRpb24gc2hv dWxkIGJlIG5lY2Vzc2FyeSBhbnltb3JlLCBidXQgSSB3YXNuJ3Qgc3VyZSBpZiB3ZSBuZWVkZWQg dG8gc3BlY2lmaWNhbGx5IGFkZHJlc3MgdGhpcy4NCkFuZCBvZiBjb3Vyc2UsIGFkZGl0aW9uYWwg cmV2aWV3cyBhcmUgbW9zdCB3ZWxjb21lIQ0KDQpUaGFua3MsDQoNCldlcyBHZW9yZ2UNCg0KDQot LS0tLU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQ0KRnJvbTogaW50ZXJuZXQtZHJhZnRzQGlldGYub3Jn IFttYWlsdG86aW50ZXJuZXQtZHJhZnRzQGlldGYub3JnXQ0KU2VudDogV2VkbmVzZGF5LCBKdWx5 IDEwLCAyMDEzIDE6NTcgUE0NClRvOiBTYW5keSBNdXJwaHk7IERyLlNhbmRyYSBMLk11cnBoeTsg R2VvcmdlLCBXZXMNClN1YmplY3Q6IE5ldyBWZXJzaW9uIE5vdGlmaWNhdGlvbiBmb3IgZHJhZnQt aWV0Zi1zaWRyLWFzLW1pZ3JhdGlvbi0wMC50eHQNCg0KDQpBIG5ldyB2ZXJzaW9uIG9mIEktRCwg ZHJhZnQtaWV0Zi1zaWRyLWFzLW1pZ3JhdGlvbi0wMC50eHQNCmhhcyBiZWVuIHN1Y2Nlc3NmdWxs eSBzdWJtaXR0ZWQgYnkgV2VzbGV5IEdlb3JnZSBhbmQgcG9zdGVkIHRvIHRoZQ0KSUVURiByZXBv c2l0b3J5Lg0KDQpGaWxlbmFtZTogICAgICAgIGRyYWZ0LWlldGYtc2lkci1hcy1taWdyYXRpb24N ClJldmlzaW9uOiAgICAgICAgMDANClRpdGxlOiAgICAgICAgICAgQkdQU2VjIENvbnNpZGVyYXRp b25zIGZvciBBUyBNaWdyYXRpb24NCkNyZWF0aW9uIGRhdGU6ICAgMjAxMy0wNy0xMA0KR3JvdXA6 ICAgICAgICAgICBzaWRyDQpOdW1iZXIgb2YgcGFnZXM6IDE0DQpVUkw6ICAgICAgICAgICAgIGh0 dHA6Ly93d3cuaWV0Zi5vcmcvaW50ZXJuZXQtZHJhZnRzL2RyYWZ0LWlldGYtc2lkci1hcy1taWdy YXRpb24tMDAudHh0DQpTdGF0dXM6ICAgICAgICAgIGh0dHA6Ly9kYXRhdHJhY2tlci5pZXRmLm9y Zy9kb2MvZHJhZnQtaWV0Zi1zaWRyLWFzLW1pZ3JhdGlvbg0KSHRtbGl6ZWQ6ICAgICAgICBodHRw Oi8vdG9vbHMuaWV0Zi5vcmcvaHRtbC9kcmFmdC1pZXRmLXNpZHItYXMtbWlncmF0aW9uLTAwDQoN Cg0KQWJzdHJhY3Q6DQogICBUaGlzIGRyYWZ0IGRpc2N1c3NlcyBjb25zaWRlcmF0aW9ucyBhbmQg bWV0aG9kcyBmb3Igc3VwcG9ydGluZyBhbmQNCiAgIHNlY3VyaW5nIGEgY29tbW9uIG1ldGhvZCBm b3IgQVMtTWlncmF0aW9uIHdpdGhpbiB0aGUgQkdQU2VjIHByb3RvY29sLg0KDQoNClRoaXMgZHJh ZnQgcmVwbGFjZXMgZHJhZnQtZ2VvcmdlLXNpZHItYXMtbWlncmF0aW9uLg0KDQpUaGUgSUVURiBT ZWNyZXRhcmlhdA0KDQpbV0VHXSBBbnl0aGluZyBiZWxvdyB0aGlzIGxpbmUgaGFzIGJlZW4gYWRk ZWQgYnkgbXkgY29tcGFueeKAmXMgbWFpbCBzZXJ2ZXIsIEkgaGF2ZSBubyBjb250cm9sIG92ZXIg aXQuDQotLS0tLS0tLS0tLS0tLS0tLQ0KDQpUaGlzIEUtbWFpbCBhbmQgYW55IG9mIGl0cyBhdHRh Y2htZW50cyBtYXkgY29udGFpbiBUaW1lIFdhcm5lciBDYWJsZSBwcm9wcmlldGFyeSBpbmZvcm1h dGlvbiwgd2hpY2ggaXMgcHJpdmlsZWdlZCwgY29uZmlkZW50aWFsLCBvciBzdWJqZWN0IHRvIGNv cHlyaWdodCBiZWxvbmdpbmcgdG8gVGltZSBXYXJuZXIgQ2FibGUuIFRoaXMgRS1tYWlsIGlzIGlu dGVuZGVkIHNvbGVseSBmb3IgdGhlIHVzZSBvZiB0aGUgaW5kaXZpZHVhbCBvciBlbnRpdHkgdG8g d2hpY2ggaXQgaXMgYWRkcmVzc2VkLiBJZiB5b3UgYXJlIG5vdCB0aGUgaW50ZW5kZWQgcmVjaXBp ZW50IG9mIHRoaXMgRS1tYWlsLCB5b3UgYXJlIGhlcmVieSBub3RpZmllZCB0aGF0IGFueSBkaXNz ZW1pbmF0aW9uLCBkaXN0cmlidXRpb24sIGNvcHlpbmcsIG9yIGFjdGlvbiB0YWtlbiBpbiByZWxh dGlvbiB0byB0aGUgY29udGVudHMgb2YgYW5kIGF0dGFjaG1lbnRzIHRvIHRoaXMgRS1tYWlsIGlz IHN0cmljdGx5IHByb2hpYml0ZWQgYW5kIG1heSBiZSB1bmxhd2Z1bC4gSWYgeW91IGhhdmUgcmVj ZWl2ZWQgdGhpcyBFLW1haWwgaW4gZXJyb3IsIHBsZWFzZSBub3RpZnkgdGhlIHNlbmRlciBpbW1l ZGlhdGVseSBhbmQgcGVybWFuZW50bHkgZGVsZXRlIHRoZSBvcmlnaW5hbCBhbmQgYW55IGNvcHkg b2YgdGhpcyBFLW1haWwgYW5kIGFueSBwcmludG91dC4NCg== From Sandra.Murphy@sparta.com Thu Jul 11 03:19:47 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE83B21F9FEA for ; Thu, 11 Jul 2013 03:19:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f9ROdR4D9lU8 for ; Thu, 11 Jul 2013 03:19:43 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 8DC2E21F9FE9 for ; Thu, 11 Jul 2013 03:19:38 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6BAJbWF013449 for ; Thu, 11 Jul 2013 05:19:37 -0500 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6BAJb8r029403 for ; Thu, 11 Jul 2013 05:19:37 -0500 Received: from CVA-MB001.centreville.ads.sparta.com ([fe80::58b4:c7c2:f9d:dff9]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Thu, 11 Jul 2013 06:20:23 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: I-D Action: draft-huston-rpki-validation-00.txt Thread-Index: AQHOfBenBjytYReD30yuJUZd/e0TnZlfR/xd Date: Thu, 11 Jul 2013 10:20:22 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749A6807@CVA-MB001.centreville.ads.sparta.com> References: <20130708201239.8056.871.idtracker@ietfa.amsl.com> In-Reply-To: <20130708201239.8056.871.idtracker@ietfa.amsl.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] FW: I-D Action: draft-huston-rpki-validation-00.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Jul 2013 10:19:48 -0000 I just saw this. Looks interesting.=0A= =0A= --Sandy, speaking as regular ol' member=0A= =0A= ________________________________________=0A= From: i-d-announce-bounces@ietf.org [i-d-announce-bounces@ietf.org] on beha= lf of internet-drafts@ietf.org [internet-drafts@ietf.org]=0A= Sent: Monday, July 08, 2013 4:12 PM=0A= To: i-d-announce@ietf.org=0A= Subject: I-D Action: draft-huston-rpki-validation-00.txt=0A= =0A= A New Internet-Draft is available from the on-line Internet-Drafts director= ies.=0A= =0A= =0A= Title : RPKI Validation Reconsidered=0A= Author(s) : Geoff Huston=0A= George Michaelson=0A= Filename : draft-huston-rpki-validation-00.txt=0A= Pages : 12=0A= Date : 2013-07-08=0A= =0A= Abstract:=0A= This document reviews the certificate validation procedure specified=0A= in RFC6487 and highlights aspects of operational management of=0A= certificates in the RPKI in response to the movement of resources=0A= across registries, and the associated actions of Certification=0A= Authorities to maintain certification of resources during this=0A= movement. The document describes an alternative validation procedure=0A= that reduces the operational impact of certificate management during=0A= resource movement.=0A= =0A= =0A= The IETF datatracker status page for this draft is:=0A= https://datatracker.ietf.org/doc/draft-huston-rpki-validation=0A= =0A= There's also a htmlized version available at:=0A= http://tools.ietf.org/html/draft-huston-rpki-validation-00=0A= =0A= =0A= Internet-Drafts are also available by anonymous FTP at:=0A= ftp://ftp.ietf.org/internet-drafts/=0A= =0A= _______________________________________________=0A= I-D-Announce mailing list=0A= I-D-Announce@ietf.org=0A= https://www.ietf.org/mailman/listinfo/i-d-announce=0A= Internet-Draft directories: http://www.ietf.org/shadow.html=0A= or ftp://ftp.ietf.org/ietf/1shadow-sites.txt=0A= From Sandra.Murphy@sparta.com Fri Jul 12 14:14:18 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7A6621F9F90 for ; Fri, 12 Jul 2013 14:14:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ldPnc5MPrSOi for ; Fri, 12 Jul 2013 14:14:14 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id AFAE221F9F6F for ; Fri, 12 Jul 2013 14:14:14 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6CLED8u024344 for ; Fri, 12 Jul 2013 14:14:13 -0700 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6CLECIL001359 for ; Fri, 12 Jul 2013 14:14:13 -0700 Received: from CVA-MB001.centreville.ads.sparta.com ([fe80::58b4:c7c2:f9d:dff9]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Fri, 12 Jul 2013 17:14:57 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: Ac5/P7KlsWW9gua6S/mEz+yRY2Jx6A== Date: Fri, 12 Jul 2013 21:14:56 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jul 2013 21:14:18 -0000 The chairs have queried the authors of draft-ietf-sidr-policy-qualifiers-00= , Policy Qualifiers in RPKI Certificates. The response was that the draft = is ready for wglc.=0A= =0A= There was general agreement on this draft during the adoption call, with on= e request for additional security considerations being addressed in the new= version. The draft is short and straightforward and the wg has not seen f= it to comment further.=0A= =0A= Even so, it is unusual to publish a draft with so little comment during the= time it has been a wg draft. The chairs will be looking for a stronger th= an usual response. Can't publish without reviews!=0A= =0A= This starts a 3 week wglc on draft draft-ietf-sidr-policy-qualifiers-00, Po= licy Qualifiers in RPKI Certificates. Please do send comments to the list,= indicating that you do or do not believe that the draft is ready for publi= cation.=0A= =0A= The draft is available at http://tools.ietf.org/html/draft-ietf-sidr-policy= -qualifiers-00.=0A= =0A= --Sandy, speaking for the co-chairs= From Sandra.Murphy@sparta.com Fri Jul 12 14:23:09 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E60A621F99F1 for ; Fri, 12 Jul 2013 14:23:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E9QV-WhdSjmG for ; Fri, 12 Jul 2013 14:23:02 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id E73D421F9F86 for ; Fri, 12 Jul 2013 14:23:00 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6CLMw14024395 for ; Fri, 12 Jul 2013 14:22:58 -0700 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6CLMtvW001641 for ; Fri, 12 Jul 2013 14:22:57 -0700 Received: from CVA-MB001.centreville.ads.sparta.com ([fe80::58b4:c7c2:f9d:dff9]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Fri, 12 Jul 2013 17:23:39 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: key management drafts Thread-Index: Ac5/RZMGY26TYrCaQ/KwvsUu25Za4w== Date: Fri, 12 Jul 2013 21:23:37 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84E8@CVA-MB001.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] key management drafts X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jul 2013 21:23:09 -0000 Any system that uses cryptography finds that the key management aspects are= a very important part. =0A= =0A= We have two drafts at the moment that are related to key management - draft= -ietf-sidr-bgpsec-rollover and draft-ietf-sidr-rtr-keying.=0A= =0A= There's been little comment on these drafts since they were adopted as wg d= rafts. Key management is not simple, and the impact on the system could be= large.=0A= =0A= So this is a poke to try to review these drafts and comment.=0A= =0A= --Sandy, speaking for the co-chairs= From randy@psg.com Fri Jul 12 15:18:13 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75D5121F9FC3 for ; Fri, 12 Jul 2013 15:18:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.587 X-Spam-Level: X-Spam-Status: No, score=-2.587 tagged_above=-999 required=5 tests=[AWL=0.012, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Llt+xjbUfpjQ for ; Fri, 12 Jul 2013 15:18:13 -0700 (PDT) Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:1::36]) by ietfa.amsl.com (Postfix) with ESMTP id 2B0A521F9F96 for ; Fri, 12 Jul 2013 15:18:13 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1UxlfH-000I84-GE; Fri, 12 Jul 2013 22:18:11 +0000 Date: Fri, 12 Jul 2013 12:18:10 -1000 Message-ID: From: Randy Bush To: "Murphy, Sandra" In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jul 2013 22:18:13 -0000 i do not support this draft. it is not needed technically or operationally. it is a silly legal fantasy. randy From ggm@algebras.org Fri Jul 12 21:39:23 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2B5711E80F7 for ; Fri, 12 Jul 2013 21:39:23 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.976 X-Spam-Level: X-Spam-Status: No, score=-1.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lkJcSl-ngC41 for ; Fri, 12 Jul 2013 21:39:19 -0700 (PDT) Received: from mail-pd0-f172.google.com (mail-pd0-f172.google.com [209.85.192.172]) by ietfa.amsl.com (Postfix) with ESMTP id 8387611E80EF for ; Fri, 12 Jul 2013 21:39:19 -0700 (PDT) Received: by mail-pd0-f172.google.com with SMTP id z10so9168447pdj.3 for ; Fri, 12 Jul 2013 21:39:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=oPD7dF8p32W4ymM6d+FgjwHvXg9K8fb1caI9LMplXsw=; b=FhALh/Pz6EkQWbLy8814p7UKGa5FU7TWXXpv/vKMWDtgBzK9NmJH3zcnxKXOyQIAuL h58Um2xjcqTG64Eyz2vqwxJZkxcs2ZAmoP7MmPKJiAGW3jkH5ExpVJaEKs+Z7iyaR3vZ hyfrs/LnEc0pDR1fODu+K1IfASCA49Pab7/Zj61OSUL8D/IPSpSh2NRmsrjVhu5hHQMl bhnmNW8LmRgCJIEcaLXacgsvv9d7Xw0V5Q6NDF03cWRer2dUwvdBkqByBdzEWeS5PEdC XIfdge+ikssAHS6rZuAJFHj8fkVMluGNLKRZBkq4WZ5AdCF7l5t/S4w+Oe7dNmiTjD0w GgLg== MIME-Version: 1.0 X-Received: by 10.68.212.106 with SMTP id nj10mr44726367pbc.74.1373690359003; Fri, 12 Jul 2013 21:39:19 -0700 (PDT) Received: by 10.70.1.133 with HTTP; Fri, 12 Jul 2013 21:39:18 -0700 (PDT) X-Originating-IP: [2001:44b8:2136:8e00:51b3:7c3c:a3de:bec7] In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> Date: Sat, 13 Jul 2013 14:39:18 +1000 Message-ID: From: George Michaelson To: "Murphy, Sandra" Content-Type: multipart/alternative; boundary=e89a8ff1ca52e14d8404e15d3587 X-Gm-Message-State: ALoCoQkkfIP2RfODOkpF23NX4/DGbfQr4VrKu0I1oooGBcloLAaMfaQ1l3tMl3Y7ktlKjUDXlDyu Cc: "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Jul 2013 04:39:23 -0000 --e89a8ff1ca52e14d8404e15d3587 Content-Type: text/plain; charset=ISO-8859-1 I support this draft being sent to WGLC. I have read the draft. PKI imposes operational outcomes which relate to legalisms. conditions of use, conditions of operation of service, dimensions which lie outside the routing plane, and barely come into play for most of the time, but when you *want to know* about things, its useful to have a pointer in the signed material. What we think about these legalisms is not the point: its the ability to reference them which is under discussion here. There is no current mechanism to do that. This draft proposes a mechanism. I think it does no harm, and I think it will do some good. I certainly have text which has been given to me by lawyers which I regard as highly suitable to be pointed to, by this kind of thing, and I expect other operators of (r)PKI would expect to be able to do the same. A small amount of work is required by validators of RPKI certificates to understand a new optional element can exist and not reject certificates for having the OID in the ASN.1. I can't think of anything in the draft which requires an 01, and if minor nits came up I believe they could be fixed in IESG/AUTHOR48 timeframes. -George On Sat, Jul 13, 2013 at 7:14 AM, Murphy, Sandra wrote: > The chairs have queried the authors of > draft-ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI > Certificates. The response was that the draft is ready for wglc. > > There was general agreement on this draft during the adoption call, with > one request for additional security considerations being addressed in the > new version. The draft is short and straightforward and the wg has not > seen fit to comment further. > > Even so, it is unusual to publish a draft with so little comment during > the time it has been a wg draft. The chairs will be looking for a stronger > than usual response. Can't publish without reviews! > > This starts a 3 week wglc on draft draft-ietf-sidr-policy-qualifiers-00, > Policy Qualifiers in RPKI Certificates. Please do send comments to the > list, indicating that you do or do not believe that the draft is ready for > publication. > > The draft is available at > http://tools.ietf.org/html/draft-ietf-sidr-policy-qualifiers-00. > > --Sandy, speaking for the co-chairs > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr > --e89a8ff1ca52e14d8404e15d3587 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
I support this draft being sent to WGLC. I have read the draft.
PKI imposes operational outcomes which relate to legalisms. conditions of u= se, conditions of operation of service, dimensions which lie outside the ro= uting plane, and barely come into play for most of the time, but when you *= want to know* about things, its useful to have a pointer in the signed mate= rial. What we think about these legalisms is not the point: its the ability= to reference them which is under discussion here. There is no current mech= anism to do that. This draft proposes a mechanism.=A0

I think it does no har= m, and I think it will do some good. I certainly have text which has been g= iven to me by lawyers which I regard as highly suitable to be pointed to, b= y this kind of thing, and I expect other operators of (r)PKI would expect t= o be able to do the same.

A small amount of work= is required by validators of RPKI certificates to understand a new optiona= l element can exist and not reject certificates for having the OID in the A= SN.1.

I can't think of a= nything in the draft which requires an 01, and if minor nits came up I beli= eve they could be fixed in IESG/AUTHOR48 timeframes.

-George


On Sat, Jul 13, = 2013 at 7:14 AM, Murphy, Sandra <Sandra.Murphy@sparta.com> wrote:
The chairs have queried the authors of draft= -ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI Certificates. = =A0The response was that the draft is ready for wglc.

There was general agreement on this draft during the adoption call, with on= e request for additional security considerations being addressed in the new= version. =A0The draft is short and straightforward and the wg has not seen= fit to comment further.

Even so, it is unusual to publish a draft with so little comment during the= time it has been a wg draft. =A0The chairs will be looking for a stronger = than usual response. =A0Can't publish without reviews!

This starts a 3 week wglc on draft draft-ietf-sidr-policy-qualifiers-00, Po= licy Qualifiers in RPKI Certificates. =A0Please do send comments to the lis= t, indicating that you do or do not believe that the draft is ready for pub= lication.

The draft is available at http://tools.ietf.org/html/dra= ft-ietf-sidr-policy-qualifiers-00.

--Sandy, speaking for the co-chairs
_______________________________________________
sidr mailing list
sidr@ietf.org
ht= tps://www.ietf.org/mailman/listinfo/sidr

--e89a8ff1ca52e14d8404e15d3587-- From randy@psg.com Fri Jul 12 21:54:48 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFB2D11E80F7 for ; Fri, 12 Jul 2013 21:54:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.587 X-Spam-Level: X-Spam-Status: No, score=-2.587 tagged_above=-999 required=5 tests=[AWL=0.012, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dD5LuKfrFyqG for ; Fri, 12 Jul 2013 21:54:48 -0700 (PDT) Received: from ran.psg.com (ran.psg.com [IPv6:2001:418:1::36]) by ietfa.amsl.com (Postfix) with ESMTP id 49E0111E80EF for ; Fri, 12 Jul 2013 21:54:48 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1Uxrr1-000NLw-Oi; Sat, 13 Jul 2013 04:54:44 +0000 Date: Fri, 12 Jul 2013 18:54:42 -1000 Message-ID: From: Randy Bush To: George Michaelson In-Reply-To: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: "Murphy, Sandra" , "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Jul 2013 04:54:49 -0000 > PKI imposes operational outcomes which relate to legalisms. conditions of > use, conditions of operation of service, dimensions which lie outside the > routing plane, and barely come into play for most of the time, but when you > *want to know* about things, its useful to have a pointer in the signed > material. What we think about these legalisms is not the point: its the > ability to reference them which is under discussion here. There is no > current mechanism to do that. This draft proposes a mechanism. CPS From melinda.shore@gmail.com Fri Jul 12 22:52:02 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1E3821E80D2 for ; Fri, 12 Jul 2013 22:52:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ePA0aucilNbg for ; Fri, 12 Jul 2013 22:52:01 -0700 (PDT) Received: from mail-pd0-x22f.google.com (mail-pd0-x22f.google.com [IPv6:2607:f8b0:400e:c02::22f]) by ietfa.amsl.com (Postfix) with ESMTP id 58F7521E80CD for ; Fri, 12 Jul 2013 22:52:01 -0700 (PDT) Received: by mail-pd0-f175.google.com with SMTP id 4so9240179pdd.34 for ; Fri, 12 Jul 2013 22:52:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=K6yGzOEC7dh7veEyHrakUBNJMoTpXdU+JmgTnpd1d2I=; b=A0qt3r5/bftKJP0sWUI3/AxMCc84XONZ8cJlET7Kv0fPwCjp/OerMMEuvnHX63S/OC UCjTMqy/K7YA4j69pPdAq2hwIlxGPtYLsihKPTwWredsiQfglQR9XiL//Tes8DJeFyBJ U9mWpCsrRJH+0XrLEi2dVIM7CFkETM5yMBUBHCgYaOfsFlOlvKaMydPT0srv0/pGeGYu NTwDbYSFwfGJtnTZq4Bx8rOhlh7pQOBY4V0avbF6/bb7cRCNFtedEmXWi9h9iXB6u3B6 zj37hidoyKuPa+49pN43Mox2VdmRIqVMmkOFd6rGh9S8TBU/eil/RHL2Uh8lowTSIA66 DOeg== X-Received: by 10.66.102.101 with SMTP id fn5mr47043934pab.115.1373694721038; Fri, 12 Jul 2013 22:52:01 -0700 (PDT) Received: from spandex.local (216-67-40-63-rb1.fai.dsl.dynamic.acsalaska.net. [216.67.40.63]) by mx.google.com with ESMTPSA id zn4sm51798980pac.21.2013.07.12.22.51.59 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 12 Jul 2013 22:52:00 -0700 (PDT) Message-ID: <51E0EAFE.4080308@gmail.com> Date: Fri, 12 Jul 2013 21:51:58 -0800 From: Melinda Shore User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: sidr@ietf.org References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Jul 2013 05:52:02 -0000 On 7/12/13 8:54 PM, Randy Bush wrote: >> PKI imposes operational outcomes which relate to legalisms. conditions of >> use, conditions of operation of service, dimensions which lie outside the >> routing plane, and barely come into play for most of the time, but when you >> *want to know* about things, its useful to have a pointer in the signed >> material. What we think about these legalisms is not the point: its the >> ability to reference them which is under discussion here. There is no >> current mechanism to do that. This draft proposes a mechanism. > CPS I haven't been following as closely as I should have been (*clearly*), but are you uncomfortable with the way the CPS mechanism is being referenced? Walking through the documents it looks like there are several layers of indirection, but it's there. But, several layers of indirection. Melinda From kotikalapudi.sriram@nist.gov Sat Jul 13 13:51:41 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7472621F8C4B for ; Sat, 13 Jul 2013 13:51:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cQkmU4w0MdP2 for ; Sat, 13 Jul 2013 13:51:33 -0700 (PDT) Received: from wsget2.nist.gov (wsget2.nist.gov [129.6.13.151]) by ietfa.amsl.com (Postfix) with ESMTP id B446021F91B0 for ; Sat, 13 Jul 2013 13:51:25 -0700 (PDT) Received: from WSXGHUB1.xchange.nist.gov (129.6.18.96) by wsget2.nist.gov (129.6.13.151) with Microsoft SMTP Server (TLS) id 14.3.123.3; Sat, 13 Jul 2013 16:51:38 -0400 Received: from MBCLUSTER.xchange.nist.gov ([fe80::d479:3188:aec0:cb66]) by WSXGHUB1.xchange.nist.gov ([129.6.18.96]) with mapi; Sat, 13 Jul 2013 16:51:23 -0400 From: "Sriram, Kotikalapudi" To: "Murphy, Sandra" , sidr wg list Date: Sat, 13 Jul 2013 16:51:22 -0400 Thread-Topic: WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt Thread-Index: AQHOeP5fNE9ZmHDHgkWYQ//us2zAkJljIXMD Message-ID: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Subject: Re: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Jul 2013 20:51:41 -0000 I support adoption as a WG document. Sriram ________________________________________ From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] On Behalf Of Murphy, Sandra [Sandra.Murphy@sparta.com] Sent: Thursday, July 04, 2013 5:36 PM To: sidr wg list Subject: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt On behalf of the sidr co-chairs, this opens a two week wg adoption call for the draft draft-ymbk-rpki-rtr-keys-01.txt. The wg adoption call will end 18 July 2013. Please respond to the list as to whether you agree the wg should take this on as a wg work item. (It is not necessary to comment on the draft content at this time.) --Sandy, speaking as wg co-chair From jcurran@arin.net Sat Jul 13 22:20:50 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 537B221F9FBD for ; Sat, 13 Jul 2013 22:20:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HC3ZcvILqfG4 for ; Sat, 13 Jul 2013 22:20:44 -0700 (PDT) Received: from smtp1.arin.net (smtp1.arin.net [IPv6:2001:500:4:13::33]) by ietfa.amsl.com (Postfix) with ESMTP id 7A14C21F9B7F for ; Sat, 13 Jul 2013 22:20:44 -0700 (PDT) Received: by smtp1.arin.net (Postfix, from userid 323) id F2DB7165166; Sun, 14 Jul 2013 01:20:43 -0400 (EDT) Received: from ASHXCH01.corp.arin.net (ashxch01.corp.arin.net [199.43.0.17]) by smtp1.arin.net (Postfix) with ESMTP id 6247C16515F; Sun, 14 Jul 2013 01:20:43 -0400 (EDT) Received: from CHAXCH04.corp.arin.net (10.1.30.19) by ASHXCH01.corp.arin.net (199.43.0.17) with Microsoft SMTP Server (TLS) id 14.1.421.2; Sun, 14 Jul 2013 01:20:37 -0400 Received: from CHAXCH02.corp.arin.net ([169.254.2.236]) by CHAXCH04.corp.arin.net ([10.1.30.19]) with mapi id 14.02.0328.009; Sun, 14 Jul 2013 01:20:36 -0400 From: John Curran To: Randy Bush Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: AQHOgFHSYdjl7AtLxEeu76auZ5BeJQ== Date: Sun, 14 Jul 2013 05:20:14 +0000 Message-ID: <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [192.149.252.96] Content-Type: text/plain; charset="us-ascii" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "Murphy, Sandra" , "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 05:20:50 -0000 On Jul 12, 2013, at 6:18 PM, Randy Bush wrote: > i do not support this draft. it is not needed technically or > operationally.=20 If that's the case for you, then don't use it on your certs. However, your= =20 requirements don't necessarily encompass all RPKI users, and overall system robustness is improved by having the policy qualifier language in RFC6487=20 more clearly line up with RFC5280 since they are going to be in use by othe= rs. FYI, /John =20 = From warren@kumari.net Sat Jul 13 23:41:00 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81AA021F9A13 for ; Sat, 13 Jul 2013 23:41:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.549 X-Spam-Level: X-Spam-Status: No, score=-102.549 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cg9tWLvrCvUF for ; Sat, 13 Jul 2013 23:40:55 -0700 (PDT) Received: from vimes.kumari.net (smtp1.kumari.net [204.194.22.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7DF611E80E0 for ; Sat, 13 Jul 2013 23:40:55 -0700 (PDT) Received: from [10.21.11.28] (unknown [196.38.31.134]) by vimes.kumari.net (Postfix) with ESMTPSA id 2A2A61B40CCC; Sun, 14 Jul 2013 02:40:46 -0400 (EDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) From: Warren Kumari In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> Date: Sun, 14 Jul 2013 02:40:42 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> To: "Murphy, Sandra" X-Mailer: Apple Mail (2.1508) Cc: sidr wg list Subject: Re: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 06:41:00 -0000 On Jul 4, 2013, at 5:36 PM, "Murphy, Sandra" = wrote: > On behalf of the sidr co-chairs, this opens a two week wg adoption = call for the draft draft-ymbk-rpki-rtr-keys-01.txt. The wg adoption = call will end 18 July 2013. >=20 > Please respond to the list as to whether you agree the wg should take = this on as a wg work item. (It is not necessary to comment on the draft = content at this time.) I support adoption. I believe the draft is useful and covers a real need. W >=20 > --Sandy, speaking as wg co-chair >=20 > ________________________________________ > From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Randy = Bush [randy@psg.com] > Sent: Monday, April 08, 2013 8:57 PM > To: sidr wg list > Subject: [sidr] draft-ymbk-rpki-rtr-keys-01.txt >=20 > chairs, >=20 > could you please turn the crank to move this through wg adoption? > thanks >=20 > fwiw, i doubt it will move through to wglc/rfc, but rather a 6810bis > may be the better path. >=20 > randy >=20 >=20 > From: internet-drafts@ietf.org > To: randy@psg.com > Cc: keyupate@cisco.com, turners@ieca.com > Subject: New Version Notification for draft-ymbk-rpki-rtr-keys-01.txt > Message-ID: <20130409005340.26017.92925.idtracker@ietfa.amsl.com> > Date: Mon, 08 Apr 2013 17:53:40 -0700 >=20 >=20 > A new version of I-D, draft-ymbk-rpki-rtr-keys-01.txt > has been successfully submitted by Randy Bush and posted to the > IETF repository. >=20 > Filename: draft-ymbk-rpki-rtr-keys > Revision: 01 > Title: Router Key PDU for RPKI-Router Protocol > Creation date: 2013-04-09 > Group: Individual Submission > Number of pages: 5 > URL: = http://www.ietf.org/internet-drafts/draft-ymbk-rpki-rtr-ke=3D > ys-01.txt > Status: = http://datatracker.ietf.org/doc/draft-ymbk-rpki-rtr-keys > Htmlized: = http://tools.ietf.org/html/draft-ymbk-rpki-rtr-keys-01 > Diff: = http://www.ietf.org/rfcdiff?url2=3D3Ddraft-ymbk-rpki-rtr-key=3D > s-01 >=20 > Abstract: > The RPKI/Router Protocol v0 is specified to carry the PDUs necessary > for RPKI-based Origin Validation. For BGPsec Path Validation, the > routers also need data extracted from BGPsec Router Certificates. > This document adds a PDU to the RPKI/Router Protocol to carry those > data. >=20 > The IETF Secretariat >=20 > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr >=20 -- "Have you got any previous convictions?" "Well, I dunno... I suppose I used to believe very firmly that a penny = saved is a penny earned--" -- Terry Pratchett From melinda.shore@gmail.com Sat Jul 13 23:41:39 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D3D121F9C85 for ; Sat, 13 Jul 2013 23:41:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ph6NiyRkzQ+e for ; Sat, 13 Jul 2013 23:41:38 -0700 (PDT) Received: from mail-pb0-x22e.google.com (mail-pb0-x22e.google.com [IPv6:2607:f8b0:400e:c01::22e]) by ietfa.amsl.com (Postfix) with ESMTP id C4F6021F9C4B for ; Sat, 13 Jul 2013 23:41:38 -0700 (PDT) Received: by mail-pb0-f46.google.com with SMTP id rq2so10246923pbb.5 for ; Sat, 13 Jul 2013 23:41:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=uDsry+pi6H1c/wPMscdPYz47VH6olOLfj4pSM+p8/TQ=; b=vUBbkZ/1dIGagP86DLbn6VtZrTPlC/n3aVEPzDXkJtUwAWXy38MBG3n6uVAZ6WjCqG XJ15jqFUK/t6q83nU3ZJ0iTpM8Z6yaTG4+cpn6+g4n8glFHinL01LH74m0ivPJw/1HYT vVEfr4q3TMP05YkRgRhgE6GmPoR9SHNDjCujrzmiYbYRj2bWd933Uu1xfpeBTtRK2WF1 qRHtfkf7GvgFoMRnmEVVasluzVuSk4dgq+9Iqh3J/Wsb7urXqjFrbg4ubkdbgdkB4pDq mPq0zFXrkCP0xykaIPakY6g0pv0U9Loudby/KsD0jqlygUUrM9tPu+twwrmm4Ez94I6E yC2w== X-Received: by 10.68.137.8 with SMTP id qe8mr49222331pbb.100.1373784098577; Sat, 13 Jul 2013 23:41:38 -0700 (PDT) Received: from spandex.local (216-67-40-63-rb1.fai.dsl.dynamic.acsalaska.net. [216.67.40.63]) by mx.google.com with ESMTPSA id ht5sm8482736pbb.29.2013.07.13.23.41.36 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 13 Jul 2013 23:41:37 -0700 (PDT) Message-ID: <51E2481E.7060103@gmail.com> Date: Sat, 13 Jul 2013 22:41:34 -0800 From: Melinda Shore User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: sidr@ietf.org References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> In-Reply-To: <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 06:41:39 -0000 On 7/13/13 9:20 PM, John Curran wrote: > If that's the case for you, then don't use it on your certs. However, your > requirements don't necessarily encompass all RPKI users, and overall system > robustness is improved by having the policy qualifier language in RFC6487 > more clearly line up with RFC5280 since they are going to be in use by others. I think I'm coming down in largely the same place Randy is (with some fuzz around the edges). I'm not sure I understand the consequences of not publishing this. Melinda From jcurran@arin.net Sun Jul 14 00:15:59 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB26121F9A05 for ; Sun, 14 Jul 2013 00:15:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3baUd4zCFxyT for ; Sun, 14 Jul 2013 00:15:54 -0700 (PDT) Received: from smtp1.arin.net (smtp1.arin.net [IPv6:2001:500:4:13::33]) by ietfa.amsl.com (Postfix) with ESMTP id D40BA21F9CF5 for ; Sun, 14 Jul 2013 00:15:53 -0700 (PDT) Received: by smtp1.arin.net (Postfix, from userid 323) id 0278F16516C; Sun, 14 Jul 2013 03:15:53 -0400 (EDT) Received: from ASHXCH01.corp.arin.net (ashxch01.corp.arin.net [199.43.0.17]) by smtp1.arin.net (Postfix) with ESMTP id 536B1165169; Sun, 14 Jul 2013 03:15:52 -0400 (EDT) Received: from CHAXCH04.corp.arin.net (10.1.30.19) by ASHXCH01.corp.arin.net (199.43.0.17) with Microsoft SMTP Server (TLS) id 14.1.421.2; Sun, 14 Jul 2013 03:15:39 -0400 Received: from CHAXCH02.corp.arin.net ([169.254.2.236]) by CHAXCH04.corp.arin.net ([10.1.30.19]) with mapi id 14.02.0328.009; Sun, 14 Jul 2013 03:15:37 -0400 From: John Curran To: Melinda Shore Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: AQHOgFHSYdjl7AtLxEeu76auZ5BeJQ== Date: Sun, 14 Jul 2013 07:15:15 +0000 Message-ID: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> <51E2481E.7060103@gmail.com> In-Reply-To: <51E2481E.7060103@gmail.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [192.149.252.96] Content-Type: text/plain; charset="us-ascii" Content-ID: <9CE3F41D8814844684A4DBBD18BCE104@corp.arin.net> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 07:15:59 -0000 On Jul 14, 2013, at 2:41 AM, Melinda Shore wrote: > On 7/13/13 9:20 PM, John Curran wrote: >> If that's the case for you, then don't use it on your certs. However, y= our=20 >> requirements don't necessarily encompass all RPKI users, and overall sys= tem >> robustness is improved by having the policy qualifier language in RFC648= 7=20 >> more clearly line up with RFC5280 since they are going to be in use by o= thers. >=20 > I think I'm coming down in largely the same place Randy is (with some > fuzz around the edges). I'm not sure I understand the consequences of > not publishing this. There are really two issues here: - RFC 6487 does not specifically allow or disallow a policy qualifiers; one may read the preface in section 4 as implying it is disallowed, but=20 the document is much more explicit regarding allowed/disallowed fields=20 in other extensions. As RFC 5280 specifically defines the certificate=20 policies extension as containing a sequence of policy information terms=20 (each of which has object identifier (OID) and optional qualifiers),=20 inclusion of "exactly one policy" doesn't necessarily mean with or=20 without optional qualifiers. A validator shouldn't have to guess at what it allowed in the specification, so RFC 6487 should be clarified (one way or the other) on the matter of policy qualifiers. - If we're going to clarify RFC 6487, then it can be disallowing the=20 policy qualifiers already defined in RFC 5280 or by allowing them. Some of the users of RPKI specifications (ARIN) would like to allow them (in particular, the CPS pointer policy qualifier) and hence the reason for draft-ietf-sidr-policy-qualifiers-00. You may not=20 see a need to include policy qualifier on the certificates that you issue, but providing a reference to CPS in the certificate may be=20 useful for both CA operators and certificate users on occasion. Thanks, /John From randy@psg.com Sun Jul 14 12:27:17 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B33821F9AE1 for ; Sun, 14 Jul 2013 12:27:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.589 X-Spam-Level: X-Spam-Status: No, score=-2.589 tagged_above=-999 required=5 tests=[AWL=0.010, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZO5y9yefnYqk for ; Sun, 14 Jul 2013 12:27:10 -0700 (PDT) Received: from ran.psg.com (rang.psg.com [198.180.150.19]) by ietfa.amsl.com (Postfix) with ESMTP id 46B2A21F9B19 for ; Sun, 14 Jul 2013 12:27:10 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.76) (envelope-from ) id 1UyRwd-0006iD-AW; Sun, 14 Jul 2013 19:26:55 +0000 Date: Sun, 14 Jul 2013 09:26:54 -1000 Message-ID: From: Randy Bush To: Melinda Shore In-Reply-To: <51E2481E.7060103@gmail.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> <51E2481E.7060103@gmail.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: sidr wg list Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 19:27:17 -0000 >> overall system robustness is improved by having the policy qualifier >> language in RFC6487 more clearly line up with RFC5280 since they are >> going to be in use by others. robustness? how does this increase *engineering* robustness? this is not the internet legal task force. that's icann. > I'm not sure I understand the consequences of not publishing this. there are no *technical* consequences i can see. it's rir lawyer fud. randy From jcurran@arin.net Sun Jul 14 13:10:55 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 329C821F9CD3 for ; Sun, 14 Jul 2013 13:10:55 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cS2YCWICdrbQ for ; Sun, 14 Jul 2013 13:10:49 -0700 (PDT) Received: from smtp1.arin.net (smtp1.arin.net [IPv6:2001:500:4:13::33]) by ietfa.amsl.com (Postfix) with ESMTP id 2499C21F9CEF for ; Sun, 14 Jul 2013 13:10:47 -0700 (PDT) Received: by smtp1.arin.net (Postfix, from userid 323) id B007F164F72; Sun, 14 Jul 2013 16:10:46 -0400 (EDT) Received: from ASHXCH01.corp.arin.net (ashxch01.corp.arin.net [199.43.0.17]) by smtp1.arin.net (Postfix) with ESMTP id 322A2164F72; Sun, 14 Jul 2013 16:10:46 -0400 (EDT) Received: from CHAXCH04.corp.arin.net (10.1.30.19) by ASHXCH01.corp.arin.net (199.43.0.17) with Microsoft SMTP Server (TLS) id 14.1.421.2; Sun, 14 Jul 2013 16:10:33 -0400 Received: from CHAXCH02.corp.arin.net ([169.254.2.236]) by CHAXCH04.corp.arin.net ([10.1.30.19]) with mapi id 14.02.0328.009; Sun, 14 Jul 2013 16:10:32 -0400 From: John Curran To: Randy Bush Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: AQHOgFHSYdjl7AtLxEeu76auZ5BeJQ== Date: Sun, 14 Jul 2013 20:10:10 +0000 Message-ID: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> <51E2481E.7060103@gmail.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [192.149.252.96] Content-Type: text/plain; charset="us-ascii" Content-ID: <234705EE591BCF49BCAF19C82F7C820D@corp.arin.net> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: sidr wg list Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 20:10:55 -0000 On Jul 14, 2013, at 3:26 PM, Randy Bush wrote: >>> overall system robustness is improved by having the policy qualifier >>> language in RFC6487 more clearly line up with RFC5280 since they are >>> going to be in use by others. >=20 > robustness? how does this increase *engineering* robustness? this is > not the internet legal task force. that's icann. Fix RFC 6487 to make it clear, one way or the other. Not having some=20 folks treat the current spec one way and some treat it another will=20 improve *engineering* robustness. >> I'm not sure I understand the consequences of not publishing this. >=20 > there are no *technical* consequences i can see. it's rir lawyer fud. Incorrect, as the origin of the extension was RFC5280. As someone noted earlier, PKI technology often provides mechanisms which may be used for=20 expressing various legal concepts, but your usage of them is entirely up=20 to you (or at least it should be, unless/until folks start forcing their=20 legal perspectives on others by disallowing existing extensions...) /John From robertl@apnic.net Sun Jul 14 16:38:18 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A39D221F91CC for ; Sun, 14 Jul 2013 16:38:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.557 X-Spam-Level: X-Spam-Status: No, score=0.557 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.1, RELAY_IS_203=0.994] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Kn8fqeIa853 for ; Sun, 14 Jul 2013 16:38:15 -0700 (PDT) Received: from ao-mailgw.apnic.net (ao-mailgw.apnic.net [IPv6:2001:dd8:b:98::120]) by ietfa.amsl.com (Postfix) with SMTP id 0D78121F9AFE for ; Sun, 14 Jul 2013 16:38:13 -0700 (PDT) Received: from NXMDA1.org.apnic.net (unknown [203.119.101.249]) by ao-mailgw.apnic.net (Halon Mail Gateway) with ESMTP; Mon, 15 Jul 2013 09:37:32 +1000 (EST) Received: from IAMDA2.org.apnic.net (2001:dd8:a:852::21) by NXMDA1.org.apnic.net (2001:dd8:9:802::11) with Microsoft SMTP Server (TLS) id 14.1.218.12; Mon, 15 Jul 2013 09:38:10 +1000 Received: from [203.119.42.85] (203.119.101.249) by IAMDA2.org.apnic.net (203.119.111.21) with Microsoft SMTP Server (TLS) id 14.1.438.0; Mon, 15 Jul 2013 09:38:10 +1000 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) From: Robert Loomans In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> Date: Mon, 15 Jul 2013 09:38:07 +1000 Content-Transfer-Encoding: quoted-printable Message-ID: <594D95C7-2549-4D35-BE50-9292E86BFE6F@apnic.net> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> To: "Murphy, Sandra" X-Mailer: Apple Mail (2.1508) Cc: "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Jul 2013 23:38:18 -0000 I have reviewed the draft and I think it is a useful clarification of an = ambiguity in RFC 6487. I support this draft going to wglc. Rob On 13/07/2013, at 07:14, "Murphy, Sandra" = wrote: > The chairs have queried the authors of = draft-ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI = Certificates. The response was that the draft is ready for wglc. >=20 > There was general agreement on this draft during the adoption call, = with one request for additional security considerations being addressed = in the new version. The draft is short and straightforward and the wg = has not seen fit to comment further. >=20 > Even so, it is unusual to publish a draft with so little comment = during the time it has been a wg draft. The chairs will be looking for = a stronger than usual response. Can't publish without reviews! >=20 > This starts a 3 week wglc on draft = draft-ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI = Certificates. Please do send comments to the list, indicating that you = do or do not believe that the draft is ready for publication. >=20 > The draft is available at = http://tools.ietf.org/html/draft-ietf-sidr-policy-qualifiers-00. >=20 > --Sandy, speaking for the co-chairs > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr --=20 Robert Loomans email: robertl@apnic.net Senior Software Engineer, APNIC sip: robertl@voip.apnic.net http://www.apnic.net/ phone: +61 7 3858 3100 From Sandra.Murphy@sparta.com Mon Jul 15 02:46:44 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 019D021F9F2B for ; Mon, 15 Jul 2013 02:46:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kFrWnm9tf+0v for ; Mon, 15 Jul 2013 02:46:38 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id 90C1021F9F5B for ; Mon, 15 Jul 2013 02:46:38 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6F9kbhm018080 for ; Mon, 15 Jul 2013 02:46:37 -0700 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6F9ka04027397 for ; Mon, 15 Jul 2013 02:46:37 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Mon, 15 Jul 2013 05:46:23 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: WG Chair consensus statements Thread-Index: Ac6BPkrax3+UXfnhR+eHsTcRrFjCvw== Date: Mon, 15 Jul 2013 09:46:23 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749AFC63@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] WG Chair consensus statements X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 09:46:44 -0000 The chairs have reviewed two long standing discussion in the wg. Consensus= statements on these two discussions will immediately follow.=0A= =0A= The two discussions are:=0A= =0A= BGP Origin Attribute=0A= =0A= Route Leaks and Forward Plan=0A= =0A= -Sandy, speaking for the co-chairs= From Sandra.Murphy@sparta.com Mon Jul 15 02:46:57 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CA7B21F943C for ; Mon, 15 Jul 2013 02:46:56 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i8KzkmuFh032 for ; Mon, 15 Jul 2013 02:46:50 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 5526221F91CB for ; Mon, 15 Jul 2013 02:46:50 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6F9knmB031383 for ; Mon, 15 Jul 2013 04:46:49 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6F9knTu002338 for ; Mon, 15 Jul 2013 04:46:49 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Mon, 15 Jul 2013 05:46:36 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: A chair consensus statement on the BGP ORIGIN Attribute Thread-Index: Ac6BPp/I6ZxM4w94TPac8yHcijtGGw== Date: Mon, 15 Jul 2013 09:46:35 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749AFC6B@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] A chair consensus statement on the BGP ORIGIN Attribute X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 09:46:57 -0000 A chair consensus statement on the BGP ORIGIN Attribute=0A= =0A= The ORIGIN attribute has been discussed in the working group several times.= =0A= =0A= One view is that the ORIGIN attribute, according to the BGP specification, = is supposed to be set at the originating AS and =93SHOULD NOT=94 be reset b= y other ASs. In this view, changing the ORIGIN was a threat of traffic att= raction and so the source authentication and integrity of this attribute sh= ould be protected throughout its propagation. =0A= =0A= The opposing view was that the original purpose for this attribute (ie, con= veying the state at the originating AS) has been obsolete for a very long t= ime, and that operators have re-purposed this attribute to their use and th= at that use (altering the ORIGIN) was legitimate, common and important to t= hem. In this view, altering the ORIGIN should not be prohibited by the sec= urity protections. =0A= =0A= The rough consensus of the working group is that the current operational us= e and the ability to change the ORIGIN attribute should not be included in = the threats that must be countered by the security protections.=0A= =0A= --Sandy, speaking for the co-chairs= From Sandra.Murphy@sparta.com Mon Jul 15 02:49:32 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C44521F9FCA for ; Mon, 15 Jul 2013 02:49:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kl6fz4RoEMEl for ; Mon, 15 Jul 2013 02:49:24 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 610FA21F9306 for ; Mon, 15 Jul 2013 02:49:24 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6F9nOlU031386 for ; Mon, 15 Jul 2013 04:49:24 -0500 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6F9nN4I002351 for ; Mon, 15 Jul 2013 04:49:23 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Mon, 15 Jul 2013 05:49:10 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: A chair consensus statement on route leaks and forward plan Thread-Index: AQHOgT+0bqdsk6ZYZUuNblHf1J0BaA== Date: Mon, 15 Jul 2013 09:49:09 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749AFC79@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] A chair consensus statement on route leaks and forward plan X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 09:49:32 -0000 A chair consensus statement on route leaks and forward plan=0A= =0A= Route leaks have been mentioned and discussed at length in the working grou= p and in working group meetings many times.=0A= =0A= One view is that route leaks are a critical concern to many operators and s= o should be included in the work of this working group.=0A= =0A= The opposing view is that route leaks are not in scope of the wg charter. = Route leaks are presently ill-defined and even the common understanding see= ms to rely on arrangements between neighbors that are presently unpublished= , and are not carried in the BGP protocol.=0A= =0A= There were discussions and individual draft proposals for mechanisms that c= ould extend the BGP protocol to communicate and enforce route leak constrai= nts.=0A= =0A= The rough consensus of the working group was that route leaks are an import= ant problem but not presently within the scope of possible work in this wor= king group. The plan to address the problem has three steps =96 first, tha= t definition and requirements would be considered in other working groups, = then mechanisms for protection possibly including extensions to bgp could b= e developed, and then security protections for those mechanisms could be de= veloped. At present, definition and requirements is in the scope of the GR= OW working group, and any identified extensions to bgp that result would be= in the scope of the IDR working group. =0A= =0A= At this point in time, the GROW working group has adopted one work item to = define route leaks and has a draft under consideration. It is not possible= to state definitively that this work will progress or what the results or = next steps will be.=0A= =0A= --Sandy, speaking for the co-chairs=0A= From Sandra.Murphy@sparta.com Mon Jul 15 03:29:44 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E51A121F9E7E for ; Mon, 15 Jul 2013 03:29:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YZ++nTolM6SL for ; Mon, 15 Jul 2013 03:29:40 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id AEE2A21E8055 for ; Mon, 15 Jul 2013 03:29:40 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6FATd0M018292 for ; Mon, 15 Jul 2013 03:29:39 -0700 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6FATcap028701 for ; Mon, 15 Jul 2013 03:29:39 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Mon, 15 Jul 2013 06:29:25 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: I-D Action: draft-austein-sidr-rpki-oob-setup-00.txt Thread-Index: AQHOfxQ4F5YIDQqlbUmoeP2BrAWCUplljggm Date: Mon, 15 Jul 2013 10:29:24 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749B1096@CVA-MB002.centreville.ads.sparta.com> References: <20130712152341.21007.97421.idtracker@ietfa.amsl.com> In-Reply-To: <20130712152341.21007.97421.idtracker@ietfa.amsl.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] FW: I-D Action: draft-austein-sidr-rpki-oob-setup-00.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 10:29:45 -0000 This draft looks related to the working group.=0A= =0A= --Sandy, speaking as regular ol' member=0A= =0A= ________________________________________=0A= From: i-d-announce-bounces@ietf.org [i-d-announce-bounces@ietf.org] on beha= lf of internet-drafts@ietf.org [internet-drafts@ietf.org]=0A= Sent: Friday, July 12, 2013 11:23 AM=0A= To: i-d-announce@ietf.org=0A= Subject: I-D Action: draft-austein-sidr-rpki-oob-setup-00.txt=0A= =0A= A New Internet-Draft is available from the on-line Internet-Drafts director= ies.=0A= =0A= =0A= Title : An Out-Of-Band Setup Protocol For RPKI Production= Services=0A= Author(s) : Rob Austein=0A= Filename : draft-austein-sidr-rpki-oob-setup-00.txt=0A= Pages : 19=0A= Date : 2013-07-12=0A= =0A= Abstract:=0A= This note describes a simple out-of-band protocol to ease setup of=0A= the RPKI provisioning and publication protocols between two parties.=0A= The protocol is encoded in a small number of XML messages, which can=0A= be passed back and forth by any mutually agreeable secure means.=0A= =0A= This setup protocol is not part of the provisioning or publication=0A= protocol, rather, it is intended to simplify configuration of these=0A= protocols by setting up relationships and exchanging BPKI keying=0A= material.=0A= =0A= =0A= The IETF datatracker status page for this draft is:=0A= https://datatracker.ietf.org/doc/draft-austein-sidr-rpki-oob-setup=0A= =0A= There's also a htmlized version available at:=0A= http://tools.ietf.org/html/draft-austein-sidr-rpki-oob-setup-00=0A= =0A= =0A= Internet-Drafts are also available by anonymous FTP at:=0A= ftp://ftp.ietf.org/internet-drafts/=0A= =0A= _______________________________________________=0A= I-D-Announce mailing list=0A= I-D-Announce@ietf.org=0A= https://www.ietf.org/mailman/listinfo/i-d-announce=0A= Internet-Draft directories: http://www.ietf.org/shadow.html=0A= or ftp://ftp.ietf.org/ietf/1shadow-sites.txt=0A= From kent@bbn.com Mon Jul 15 07:20:48 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5010511E8101 for ; Mon, 15 Jul 2013 07:20:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QTbab5AtrDfH for ; Mon, 15 Jul 2013 07:20:42 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id EEFAF11E80E8 for ; Mon, 15 Jul 2013 07:20:36 -0700 (PDT) Received: from dommiel.bbn.com ([192.1.122.15]:46115 helo=comsec.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from ) id 1Uyjdk-000LfY-31 for sidr@ietf.org; Mon, 15 Jul 2013 10:20:36 -0400 Message-ID: <51E40536.6080808@bbn.com> Date: Mon, 15 Jul 2013 10:20:38 -0400 From: Stephen Kent User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: sidr@ietf.org References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> <51E2481E.7060103@gmail.com> In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 14:20:48 -0000 I agree with John's characterization of the issue being address by this I-D. I support this I-D because I don't want the lack of a simple capability like this to stand in the way of RPKI deployment in ARIN. Steve From rogaglia@cisco.com Mon Jul 15 07:23:15 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 684031F0D46 for ; Mon, 15 Jul 2013 07:23:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.599 X-Spam-Level: X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GfoxjaR+CtTd for ; Mon, 15 Jul 2013 07:23:09 -0700 (PDT) Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) by ietfa.amsl.com (Postfix) with ESMTP id E3F221F0D42 for ; Mon, 15 Jul 2013 07:22:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=8154; q=dns/txt; s=iport; t=1373898161; x=1375107761; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=jqHkCt6dfbt7Ys6pQsx+ZOoqSAKjtiFugDUEIkfrXMQ=; b=UjPaMA0Z4sYQSn+ULtSxodT4lo4VHeXDc7OH0fFc+ROy/1Mu/NqCN4hC k1D8UgqKb2vzmo9s/79eHunBq8B5HadY3DyjkNAOUkfk7zXShBYSIQpjz lJoxWhxn36HD4OTBH0uIqphbvaO82n00Ushfo0VRiApy/NfiVkkhhjzi6 c=; X-Files: smime.p7s : 4459 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AhwFAKQE5FGtJV2b/2dsb2JhbABUBoMGNE/BUoEQFnSCIwEBAQMBAQEBGlELBQsCAQgiJAIlCyUCBA4FCAaHfAYMtXaOPnUxBwSDB20DkA+BLYdJkCSDEoIo X-IronPort-AV: E=Sophos;i="4.89,668,1367971200"; d="p7s'?scan'208";a="234954186" Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-8.cisco.com with ESMTP; 15 Jul 2013 14:22:40 +0000 Received: from xhc-rcd-x15.cisco.com (xhc-rcd-x15.cisco.com [173.37.183.89]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r6FEMeo7001567 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 15 Jul 2013 14:22:40 GMT Received: from xmb-rcd-x02.cisco.com ([169.254.4.192]) by xhc-rcd-x15.cisco.com ([173.37.183.89]) with mapi id 14.02.0318.004; Mon, 15 Jul 2013 09:22:39 -0500 From: "Roque Gagliano (rogaglia)" To: "Murphy, Sandra" Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: AQHOgWbC3ICaooFB+UuLQGBU0PP5qA== Date: Mon, 15 Jul 2013 14:22:39 +0000 Message-ID: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [10.147.19.64] Content-Type: multipart/signed; boundary="Apple-Mail=_D11D114D-2463-4E33-9D93-6498A6EC833C"; protocol="application/pkcs7-signature"; micalg=sha1 MIME-Version: 1.0 Cc: "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 14:23:15 -0000 --Apple-Mail=_D11D114D-2463-4E33-9D93-6498A6EC833C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hi Sandy, As I said during the call for adoption, I think this is an important = omission from RFC6487 and the document is well written. Before sending my support to advance to the IESG, I wanted to ask the = author if they have tested the effects of this change on existing RP = tools. Do they really set the certificate as invalid? Roque On Jul 12, 2013, at 11:14 PM, "Murphy, Sandra" = wrote: > The chairs have queried the authors of = draft-ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI = Certificates. The response was that the draft is ready for wglc. >=20 > There was general agreement on this draft during the adoption call, = with one request for additional security considerations being addressed = in the new version. The draft is short and straightforward and the wg = has not seen fit to comment further. >=20 > Even so, it is unusual to publish a draft with so little comment = during the time it has been a wg draft. The chairs will be looking for = a stronger than usual response. Can't publish without reviews! >=20 > This starts a 3 week wglc on draft = draft-ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI = Certificates. Please do send comments to the list, indicating that you = do or do not believe that the draft is ready for publication. >=20 > The draft is available at = http://tools.ietf.org/html/draft-ietf-sidr-policy-qualifiers-00. >=20 > --Sandy, speaking for the co-chairs > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr --Apple-Mail=_D11D114D-2463-4E33-9D93-6498A6EC833C Content-Disposition: attachment; filename="smime.p7s" Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIINSTCCBkIw ggUqoAMCAQICEDirAC//rpa3Vv85Wvtd5xswDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y azE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ug b25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0 aW9uIEF1dGhvcml0eSAtIEczMB4XDTExMDkwMTAwMDAwMFoXDTIxMDgzMTIzNTk1OVowgaYxCzAJ BgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50 ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQD Ey5TeW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEc0MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuwn/R1j9DsdisHTHMjIgoa2uEqGkqqBXHLKMA0vnkEi VzAhJZCao/SsKsaIF4ZhchN2LuwDyyebjyCAN+DkitpVplAP/LlcI2mJQqG6H6/vDvmkyQrx+Dey xtmSSq5937hEH5u6P4wG/tgjT0hRI2pghKjuJy9g35byGiqMPI8AzE/L+iCOvDX24fCatgXz/B0/ xhR7DtryBeTTgwKmxWlwtKnkVunbHVz0pjbia7UeKi3cvrvuOgSwMAitX2hsxr0GloiE5+apZC28 ODC7iCbDZ2ZmtLR3+cChxw5y72bi5bnK4POFdzWY3tQcsP5mceI4y258T0BV65fZqBge7QIDAQAB o4ICRDCCAkAwOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABhhxodHRwOi8vcGtpLW9jc3AudmVy aXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwbAYDVR0gBGUwYzBhBgtghkgBhvhFAQcXATBS MCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpo dHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8vY3JsLnZl cmlzaWduLmNvbS9wY2ExLWczLmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAY BgNVBAMTEVZlcmlTaWduTVBLSS0yLTk3MB0GA1UdDgQWBBSt+cOTci21uShh5KTXYNXECl4aATCB 8QYDVR0jBIHpMIHmoYHQpIHNMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIElu Yy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZl cmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHM4IRAItb dVaEVIULAM+vOEjOsaQwDQYJKoZIhvcNAQEFBQADggEBANaPwdqbiPKzbE0fWC+6AVFddMFG6MO4 e5/WQPHv/zK6iWvADjRDn6SZ5qTwXUgzYoWFYf4jiCKMYJsrnGVJlMSiOCRIpVylUEto6WIip5Po mSJuPVu7EEIOH0x1RzRWCY/4vYw881y70pZwVHBiTe/REL6dSCxe7IZrB4LwPeElJygs4BZ2HrP9 5WKW0oo9Xyuu+1zCE7dlY8s0dkOf1oeZq26tlcEAP0Yngf813iMOQ9wUXzL5yinvwlIw9ZnduYH4 OiUgjYJo8rkhhXRmBOGGORYy8i3WKqjJ3tkAAk/jGCDFpYFWtpXe04Kt+HslvmR8LqC6cCz4+XXi dE0HbYQwggb/MIIF56ADAgECAhAYf+/XztcT+E2kExj0ut5oMA0GCSqGSIb3DQEBBQUAMIGmMQsw CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFu dGVjIFRydXN0IE5ldHdvcmsxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUGA1UE AxMuU3ltYW50ZWMgQ2xhc3MgMSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHNDAeFw0xMzA1 MTQwMDAwMDBaFw0xNDA1MTUyMzU5NTlaMIHEMS4wLAYDVQQDDCVQZXJzb25hIE5vdCBWYWxpZGF0 ZWQgLSAxMzY4NTI0MDEwMDczMSEwHwYJKoZIhvcNAQkBFhJyb2dhZ2xpYUBjaXNjby5jb20xDzAN BgNVBAsMBlMvTUlNRTEeMBwGA1UECwwVUGVyc29uYSBOb3QgVmFsaWRhdGVkMR8wHQYDVQQLDBZT eW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQKDBRTeW1hbnRlYyBDb3Jwb3JhdGlvbjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/aDENz/1kQVeEyPK5cHw3n9c4ErU13WONPXjL7 fHYj0Yr/DSGbdyiWZ001bkIMPxvJbxv4r5EaTq72gHxhTF/frLoM5+sEKAErBPuOqpAAYlxo4uyK U1pQzPy+3rtlVRStNUAJZHVN4kYtHRghGoBCkqh2JoSBMCgc41Mr1UvS3dI4kp5lKEqutKjoDtdc /O4Kee/CLzEy0D8QNOF7OSjrPmed1jsAxxqsv9EHMJvG9z/CIXF2Q/kYf24ozeujCPZVaOTjWVsd BsZSNUaD9LyeGQBtGCXq7e0rUEFPZfsdxUoBoVeTYRYIcloFuiG4QQsvjr6rlFZDbXEhOWOJnRsC AwEAAaOCAwcwggMDMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMCAGA1UdJQEB/wQWMBQG CCsGAQUFBwMEBggrBgEFBQcDAjAdBgNVHQ4EFgQU+K3xGZv+qs21HN5cJGWwMOyfwHcwHQYDVR0R BBYwFIEScm9nYWdsaWFAY2lzY28uY29tMB8GA1UdIwQYMBaAFK35w5NyLbW5KGHkpNdg1cQKXhoB MIIBKwYIKwYBBQUHAQEEggEdMIIBGTCCARUGCCsGAQUFBzAChoIBB2xkYXA6Ly9kaXJlY3Rvcnku dmVyaXNpZ24uY29tL0NOJTIwJTNEJTIwU3ltYW50ZWMlMjBDbGFzcyUyMDElMjBJbmRpdmlkdWFs JTIwU3Vic2NyaWJlciUyMENBJTIwLSUyMEc0JTJDJTIwT1UlMjAlM0QlMjBQZXJzb25hJTIwTm90 JTIwVmFsaWRhdGVkJTJDJTIwT1UlMjAlM0QlMjBTeW1hbnRlYyUyMFRydXN0JTIwTmV0d29yayUy QyUyME8lMjAlM0QlMjBTeW1hbnRlYyUyMENvcnBvcmF0aW9uJTJDJTIwQyUyMCUzRCUyMFVTP2NB Q2VydGlmaWNhdGU7YmluYXJ5MF0GA1UdHwRWMFQwUqBQoE6GTGh0dHA6Ly9wa2ktY3JsLnN5bWF1 dGguY29tL2NhXzU2MWMxMDM2OTBjOTdhNjkyNDdhMGVmMDcxYWM4MWFmL0xhdGVzdENSTC5jcmww bAYDVR0gBGUwYzBhBgtghkgBhvhFAQcXATBSMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1 dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpodHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTArBgpg hkgBhvhFARADBB0wGwYSYIZIAYb4RQEQAQICBAGGx85vFgUxMDkyMjA5BgpghkgBhvhFARAFBCsw KQIBABYkYUhSMGNITTZMeTl3YTJrdGNtRXVjM2x0WVhWMGFDNWpiMjA9MA0GCSqGSIb3DQEBBQUA A4IBAQA9KvHI6pN0/W4MJl3cATuTU0cdkjZBvfztljunVmn72rij+hJKzSg8lGawguiccFWVqqEl sMIAinuB1zqFe1ILchliltXEj5vPI+HyGxn5akhQuzk7/hmAfs00CC1hbC1HB8r+b7R2s/bkJ7YY fpE0lMd7exB62MccwKh5yFCgxIvxG/irFLjNicpW/C6ixzmuPoKQO9Rs5H9oBnYVxtGpORPt6H5+ DINZOpsbDcnNgi3mIpSK0lapSzVUueOWBJwS5sfjOLe5pBbpvarrZp0zs0gADupX5u1bH0DpSwj1 zN5wP/p5f2h0L2i4rpaU05LLgBzh0JTy+zidLpU8NgAhMYID5DCCA+ACAQEwgbswgaYxCzAJBgNV BAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMg VHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5T eW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEc0AhAYf+/XztcT+E2k Exj0ut5oMAkGBSsOAwIaBQCgggH9MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN AQkFMQ8XDTEzMDcxNTE0MjIzOFowIwYJKoZIhvcNAQkEMRYEFH6SLPtJ9qM9EOD3Z1cjlv9w2gM7 MIHMBgkrBgEEAYI3EAQxgb4wgbswgaYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBD b3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVy c29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5TeW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwg U3Vic2NyaWJlciBDQSAtIEc0AhAYf+/XztcT+E2kExj0ut5oMIHOBgsqhkiG9w0BCRACCzGBvqCB uzCBpjELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQL ExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR4wHAYDVQQLExVQZXJzb25hIE5vdCBWYWxpZGF0ZWQx NzA1BgNVBAMTLlN5bWFudGVjIENsYXNzIDEgSW5kaXZpZHVhbCBTdWJzY3JpYmVyIENBIC0gRzQC EBh/79fO1xP4TaQTGPS63mgwDQYJKoZIhvcNAQEBBQAEggEAHKwTzKK/2GCl+1y2f3IyT7WuH0Rw GM79flUssfoBdMfqscOvp/xPsGZLy2wYX3vNRQs05QkjoZBsDKqkLDlpzo2xRj/UUblQ5MQtvU1Y H6mMJ+zem6ntB3JCQGBfOLffx86wTejWJ+w/HJkqw7rXCPNUyIKlFn9DsqHFCNaWWk+ElcbyuhxT bd8BJ6uXPZxrL4D9H7PlWgrsi2/5wIJU6w4Z6W/r7iOi+GJpoHbJtcBiRAIXkWqUUx/NwriNwKpE KZOn8m5YMSHRdIXFSzn/PJE5YM1fzK4uKXmBNQ6RCjGQNhIZLaa33Lhea0meUUVVoDlm8+u3CR7m G+ftzJDo6wAAAAAAAA== --Apple-Mail=_D11D114D-2463-4E33-9D93-6498A6EC833C-- From tim@ripe.net Mon Jul 15 07:53:55 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA88E11E8131 for ; Mon, 15 Jul 2013 07:53:54 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ao3ISTx65wVw for ; Mon, 15 Jul 2013 07:53:48 -0700 (PDT) Received: from postgirl.ripe.net (postgirl.ipv6.ripe.net [IPv6:2001:67c:2e8:11::c100:1342]) by ietfa.amsl.com (Postfix) with ESMTP id 5ADCE11E8118 for ; Mon, 15 Jul 2013 07:53:44 -0700 (PDT) Received: from ayeaye.ripe.net ([193.0.23.5]) by postgirl.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1Uyk9l-00071c-KD; Mon, 15 Jul 2013 16:53:43 +0200 Received: from puppy.ripe.net ([193.0.1.230] helo=[IPv6:::1]) by ayeaye.ripe.net with esmtps (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from ) id 1Uyk9l-0006Zn-Ge; Mon, 15 Jul 2013 16:53:41 +0200 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) From: Tim Bruijnzeels In-Reply-To: <51E40536.6080808@bbn.com> Date: Mon, 15 Jul 2013 16:53:40 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <9C894960-E4B4-4162-BCC5-D01EFA9EABFD@ripe.net> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> <51E2481E.7060103@gmail.com> <51E40536.6080808@bbn.com> To: Stephen Kent X-Mailer: Apple Mail (2.1508) X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.48/RELEASE, bases: 20120425 #7816575, check: 20130715 clean X-RIPE-Spam-Level: --- X-RIPE-Spam-Report: Spam Total Points: -3.3 points pts rule name description ---- ---------------------- ------------------------------------ -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a07197907f7c98e318638b1c1d8f931e11d57 Cc: sidr@ietf.org Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 14:53:55 -0000 On Jul 15, 2013, at 4:20 PM, Stephen Kent wrote: > I agree with John's characterization of the issue being address by = this I-D. >=20 > I support this I-D because I don't want the lack of a simple = capability like this to > stand in the way of RPKI deployment in ARIN. >=20 +1 As engineer I don't like having this here. On the other hand legal folk = are now insisting that we include a message of the day pointing to terms = and conditions in our rsync server. That considered, using a standard = way to point to a CPS that includes all this information seems a lot = more elegant, and appropriate. If the document is accepted I think more discussion is needed though on = what the RP can do with this information. Currently our validator accepts, and ignores this. I am not convinced = that it is good idea to bother operators with every CPS we encounter. = And I am not sure what an operator is supposed to be able to do with = this information.. choose to accept/reject all certificates and objects = for a certain CPS? I am not in favour of text that is too restrictive.. = that said, if this is accepted then I think that discussion needs to be = resolved. Tim= From tim@ripe.net Mon Jul 15 07:58:50 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7607E11E8118 for ; Mon, 15 Jul 2013 07:58:50 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dottRPr5mJ0s for ; Mon, 15 Jul 2013 07:58:44 -0700 (PDT) Received: from postgirl.ripe.net (postgirl.ipv6.ripe.net [IPv6:2001:67c:2e8:11::c100:1342]) by ietfa.amsl.com (Postfix) with ESMTP id 66AA021F9EDC for ; Mon, 15 Jul 2013 07:58:44 -0700 (PDT) Received: from ayeaye.ripe.net ([193.0.23.5]) by postgirl.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1UykEc-0007I9-FL for sidr@ietf.org; Mon, 15 Jul 2013 16:58:43 +0200 Received: from puppy.ripe.net ([193.0.1.230] helo=[IPv6:::1]) by ayeaye.ripe.net with esmtps (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from ) id 1UykEc-00073E-DF for sidr@ietf.org; Mon, 15 Jul 2013 16:58:42 +0200 From: Tim Bruijnzeels Content-Type: multipart/alternative; boundary="Apple-Mail=_501FF8E2-2658-43AA-993C-64A8A8ECCE6C" Message-Id: Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Date: Mon, 15 Jul 2013 16:58:41 +0200 References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> <51E2481E.7060103@gmail.com> <51E40536.6080808@bbn.com> <9C894960-E4B4-4162-BCC5-D01EFA9EABFD@ripe.net> To: "sidr@ietf.org list" In-Reply-To: <9C894960-E4B4-4162-BCC5-D01EFA9EABFD@ripe.net> X-Mailer: Apple Mail (2.1508) X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.48/RELEASE, bases: 20120425 #7816575, check: 20130715 clean X-RIPE-Spam-Level: --- X-RIPE-Spam-Report: Spam Total Points: -3.3 points pts rule name description ---- ---------------------- ------------------------------------ -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] 0.0 HTML_MESSAGE BODY: HTML included in message X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a0719c08103ac4452c8caed14e42c9c87a7a9 Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 14:58:50 -0000 --Apple-Mail=_501FF8E2-2658-43AA-993C-64A8A8ECCE6C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hi, On Jul 15, 2013, at 4:53 PM, Tim Bruijnzeels wrote: > If the document is accepted I think more discussion is needed though = on what the RP can do with this information. Sorry.. for snoozing.. it's not the adoption call of course, but last = call. My point stands though, I would like to know what I am supposed to do = with this information. I prefer something liberal leaving this = completely to the RP, or RP software even. --Apple-Mail=_501FF8E2-2658-43AA-993C-64A8A8ECCE6C Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii tim@ripe.net> = wrote:
If the document is accepted I think = more discussion is needed though on what the RP can do with this = information.
, "Murphy, Sandra" Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: Ac5/P7KlsWW9gua6S/mEz+yRY2Jx6ACSJbqA///q8YA= Date: Mon, 15 Jul 2013 17:07:21 +0000 Message-ID: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.5.130515 x-originating-ip: [10.1.1.56] Content-Type: text/plain; charset="us-ascii" Content-ID: <82EAECBB669F084E8DA412C2075ABB8B@corp.arin.net> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 17:07:53 -0000 On 7/15/13 10:22 AM, "Roque Gagliano (rogaglia)" wrote: >Before sending my support to advance to the IESG, I wanted to ask the >author if they have tested the effects of this change on existing RP >tools. Do they really set the certificate as invalid? Yes, we have tested against the three RP suites. One did not require a change while the other two required simple one line changes. Current releases of all three now accommodate it. -andy From andy@arin.net Mon Jul 15 10:11:43 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1896811E8149 for ; Mon, 15 Jul 2013 10:11:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=4.000, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bqnF9d8A75Jf for ; Mon, 15 Jul 2013 10:11:38 -0700 (PDT) Received: from smtp1.arin.net (smtp1.arin.net [192.149.252.33]) by ietfa.amsl.com (Postfix) with ESMTP id 87D8211E8184 for ; Mon, 15 Jul 2013 10:11:31 -0700 (PDT) Received: by smtp1.arin.net (Postfix, from userid 323) id 2E9BC1650BA; Mon, 15 Jul 2013 13:11:01 -0400 (EDT) Received: from ASHXCH01.corp.arin.net (ashxch01.corp.arin.net [199.43.0.17]) by smtp1.arin.net (Postfix) with ESMTP id 923851650AC; Mon, 15 Jul 2013 13:11:00 -0400 (EDT) Received: from CHAXCH04.corp.arin.net (10.1.30.19) by ASHXCH01.corp.arin.net (199.43.0.17) with Microsoft SMTP Server (TLS) id 14.1.421.2; Mon, 15 Jul 2013 13:11:00 -0400 Received: from CHAXCH02.corp.arin.net ([169.254.2.236]) by CHAXCH04.corp.arin.net ([10.1.30.19]) with mapi id 14.02.0328.009; Mon, 15 Jul 2013 13:10:58 -0400 From: Andy Newton To: Tim Bruijnzeels , "sidr@ietf.org list" Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: Ac5/P7KlsWW9gua6S/mEz+yRY2Jx6AAL4V4AAEEILAAAAtcuAAABLSeAAEEl0wAAASdYAAAALNqA///h5QA= Date: Mon, 15 Jul 2013 17:10:57 +0000 Message-ID: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.5.130515 x-originating-ip: [10.1.1.56] Content-Type: text/plain; charset="us-ascii" Content-ID: <31584E749ABA4A4FB3126D19EBE92D3E@corp.arin.net> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 17:11:43 -0000 From: Tim Bruijnzeels Date: Monday, July 15, 2013 10:58 AM To: "sidr@ietf.org list" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 >My point stands though, I would like to know what I am supposed to do >with this information. I prefer something liberal leaving this completely >to the RP, or RP software even. > > Tim, Section 4 has the following: "However, this specification, like [RFC5280 ], places no processing requirements on the URI included in the qualifier." I hope that satisfies your concern. -andy From Sandra.Murphy@sparta.com Mon Jul 15 16:08:22 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 622FD11E8109 for ; Mon, 15 Jul 2013 16:08:22 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GdzPhYMiMGcf for ; Mon, 15 Jul 2013 16:08:18 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id DAEA611E8261 for ; Mon, 15 Jul 2013 16:07:56 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6FN7oFD026220 for ; Mon, 15 Jul 2013 16:07:52 -0700 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6FN7mfC025708 for ; Mon, 15 Jul 2013 16:07:49 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Mon, 15 Jul 2013 19:07:33 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: WGLC: draft-ietf-sidr-cps (end 2013-03-07 - Mar 07, 2013) Thread-Index: Ac6BpMv3KQyuELThTDio+sZsVii9Qw== Date: Mon, 15 Jul 2013 23:07:32 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749B2A20@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.118] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] WGLC: draft-ietf-sidr-cps (end 2013-03-07 - Mar 07, 2013) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 23:08:22 -0000 During the WGLC for draft-ietf-sidr-cps, the editors suggested the followin= g changes in response to comments received, and those changes were accepted= by the commenters:=0A= =0A= http://www.ietf.org/mail-archive/web/sidr/current/msg05976.html=0A= http://www.ietf.org/mail-archive/web/sidr/current/msg05675.html=0A= http://www.ietf.org/mail-archive/web/sidr/current/msg05674.html=0A= http://www.ietf.org/mail-archive/web/sidr/current/msg05673.html=0A= http://www.ietf.org/mail-archive/web/sidr/current/msg05663.html=0A= =0A= Chris requested a new version of the draft:=0A= =0A= http://www.ietf.org/mail-archive/web/sidr/current/msg05666.html=0A= http://www.ietf.org/mail-archive/web/sidr/current/msg05672.html=0A= =0A= No new version has been submitted. The editors should submit a new version= of the draft including the agreed upon changes.=0A= =0A= --Sandy, speaking for the co-chairs=0A= =0A= From internet-drafts@ietf.org Mon Jul 15 16:27:53 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AAB121E8160; Mon, 15 Jul 2013 16:27:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.534 X-Spam-Level: X-Spam-Status: No, score=-102.534 tagged_above=-999 required=5 tests=[AWL=0.066, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id isMPxLpIQ9pq; Mon, 15 Jul 2013 16:27:53 -0700 (PDT) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F5F011E825F; Mon, 15 Jul 2013 16:27:53 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 4.51.p2 Message-ID: <20130715232753.12165.97911.idtracker@ietfa.amsl.com> Date: Mon, 15 Jul 2013 16:27:53 -0700 Cc: sidr@ietf.org Subject: [sidr] I-D Action: draft-ietf-sidr-bgpsec-overview-03.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jul 2013 23:27:53 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the Secure Inter-Domain Routing Working Group= of the IETF. Title : An Overview of BGPSEC Author(s) : Matt Lepinski Sean Turner Filename : draft-ietf-sidr-bgpsec-overview-03.txt Pages : 10 Date : 2013-07-15 Abstract: This document provides an overview of a security extension to the Border Gateway Protocol (BGP) referred to as BGPSEC. BGPSEC improves security for BGP routing. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-sidr-bgpsec-overview There's also a htmlized version available at: http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-overview-03 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-sidr-bgpsec-overview-03 Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From kseo@bbn.com Mon Jul 15 18:25:00 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8646521F99F6 for ; Mon, 15 Jul 2013 18:25:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iOXORg+4SUDx for ; Mon, 15 Jul 2013 18:24:55 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 231FD21E8084 for ; Mon, 15 Jul 2013 18:24:54 -0700 (PDT) Received: from [128.89.253.125] (port=50369 helo=karen-seos-power-mac-g5.local) by smtp.bbn.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from ) id 1Uyu0X-0007xd-BX; Mon, 15 Jul 2013 21:24:49 -0400 Message-ID: <51E4A0E0.8060605@bbn.com> Date: Mon, 15 Jul 2013 21:24:48 -0400 From: Karen Seo User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:14.0) Gecko/20120713 Thunderbird/14.0 MIME-Version: 1.0 To: "Murphy, Sandra" References: <24B20D14B2CD29478C8D5D6E9CBB29F6749B2A20@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749B2A20@CVA-MB002.centreville.ads.sparta.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: sidr@ietf.org Subject: Re: [sidr] WGLC: draft-ietf-sidr-cps (end 2013-03-07 - Mar 07, 2013) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 01:25:00 -0000 Hello, Sandy, Ack -- Just want to say that Steve sent me all the necessary mods back when the feedback was sent and that I'm responsible for the delay. I've either been busy or when I've had time, have had no funding. I'm on vacation at the moment but will submit the new version next week when I get back. Karen On 7/15/13 7:07 PM, Murphy, Sandra wrote: > During the WGLC for draft-ietf-sidr-cps, the editors suggested the following changes in response to comments received, and those changes were accepted by the commenters: > > http://www.ietf.org/mail-archive/web/sidr/current/msg05976.html > http://www.ietf.org/mail-archive/web/sidr/current/msg05675.html > http://www.ietf.org/mail-archive/web/sidr/current/msg05674.html > http://www.ietf.org/mail-archive/web/sidr/current/msg05673.html > http://www.ietf.org/mail-archive/web/sidr/current/msg05663.html > > Chris requested a new version of the draft: > > http://www.ietf.org/mail-archive/web/sidr/current/msg05666.html > http://www.ietf.org/mail-archive/web/sidr/current/msg05672.html > > No new version has been submitted. The editors should submit a new version of the draft including the agreed upon changes. > > --Sandy, speaking for the co-chairs > > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr From tim@ripe.net Tue Jul 16 00:37:47 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B754421F9AFE for ; Tue, 16 Jul 2013 00:37:47 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e0XLVI-BRqN8 for ; Tue, 16 Jul 2013 00:37:42 -0700 (PDT) Received: from postgirl.ripe.net (postgirl.ipv6.ripe.net [IPv6:2001:67c:2e8:11::c100:1342]) by ietfa.amsl.com (Postfix) with ESMTP id BDEF621F85D1 for ; Tue, 16 Jul 2013 00:37:42 -0700 (PDT) Received: from ayeaye.ripe.net ([193.0.23.5]) by postgirl.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1UyzpM-0007RS-Oz; Tue, 16 Jul 2013 09:37:42 +0200 Received: from puppy.ripe.net ([193.0.1.230] helo=[IPv6:::1]) by ayeaye.ripe.net with esmtps (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from ) id 1UyzpM-0007jr-N8; Tue, 16 Jul 2013 09:37:40 +0200 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) From: Tim Bruijnzeels In-Reply-To: Date: Tue, 16 Jul 2013 09:37:42 +0200 Content-Transfer-Encoding: 7bit Message-Id: <882ABFAA-D1B9-4357-886A-CD70B41F6330@ripe.net> References: To: Andy Newton X-Mailer: Apple Mail (2.1508) X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.48/RELEASE, bases: 20120425 #7816575, check: 20130716 clean X-RIPE-Spam-Level: --- X-RIPE-Spam-Report: Spam Total Points: -3.3 points pts rule name description ---- ---------------------- ------------------------------------ -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a071930f213cb29c6248263a13eb66c3da859 Cc: "sidr@ietf.org list" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 07:37:47 -0000 Hi Andy, On Jul 15, 2013, at 7:10 PM, Andy Newton wrote: > From: Tim Bruijnzeels > Date: Monday, July 15, 2013 10:58 AM > To: "sidr@ietf.org list" > Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 > > >> My point stands though, I would like to know what I am supposed to do >> with this information. I prefer something liberal leaving this completely >> to the RP, or RP software even. >> >> > > Tim, > > Section 4 has the following: > "However, this specification, like [RFC5280 > ], > places no processing requirements on the URI included in the > qualifier." > > I hope that satisfies your concern. It does. Thank you for clarifying. Support. From rogaglia@cisco.com Tue Jul 16 01:55:38 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A87C111E826D for ; Tue, 16 Jul 2013 01:55:38 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.599 X-Spam-Level: X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i9SBNUwd1TIq for ; Tue, 16 Jul 2013 01:55:33 -0700 (PDT) Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) by ietfa.amsl.com (Postfix) with ESMTP id ECD8B11E826B for ; Tue, 16 Jul 2013 01:55:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7606; q=dns/txt; s=iport; t=1373964933; x=1375174533; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=mx/EQsBZn4os9Pb6e8meNkRR0yctN6eqX6yBxwZEMII=; b=C7HFMXPtcykkWV12fCzjNepBx93MUl8PvdYxk5uqOlKCJhPtzPSeandT ntxj/McH+KiQQoAd6PwRw/woganvUmj+/IqgN+aC6ERTWHQ0dQ67cMSgS 4UK2PnErQiK4aK2Eaod9fC/KRdeQbGYbvx/DlD3vzLi67D3OK2Pkp0fZ8 o=; X-Files: smime.p7s : 4459 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AhoFADUK5VGtJV2Z/2dsb2JhbABagwaBA8FegREWdIIjAQEBAwF5BQsCAQgYCiQCMCUCBA4FCAaHfAa2Fo8zMQeDC20DkA+BLZdtgxKBaiQa X-IronPort-AV: E=Sophos;i="4.89,676,1367971200"; d="p7s'?scan'208";a="235410733" Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by rcdn-iport-4.cisco.com with ESMTP; 16 Jul 2013 08:55:32 +0000 Received: from xhc-rcd-x08.cisco.com (xhc-rcd-x08.cisco.com [173.37.183.82]) by rcdn-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id r6G8tU4t004871 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 16 Jul 2013 08:55:31 GMT Received: from xmb-rcd-x02.cisco.com ([169.254.4.192]) by xhc-rcd-x08.cisco.com ([173.37.183.82]) with mapi id 14.02.0318.004; Tue, 16 Jul 2013 03:55:30 -0500 From: "Roque Gagliano (rogaglia)" To: Andy Newton Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: AQHOggI43ICaooFB+UuLQGBU0PP5qA== Date: Tue, 16 Jul 2013 08:55:29 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-originating-ip: [10.148.51.90] Content-Type: multipart/signed; boundary="Apple-Mail=_AAD881B5-B8F1-44B7-9E9E-676DF3AC8DE8"; protocol="application/pkcs7-signature"; micalg=sha1 MIME-Version: 1.0 Cc: "Murphy, Sandra" , "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 08:55:38 -0000 --Apple-Mail=_AAD881B5-B8F1-44B7-9E9E-676DF3AC8DE8 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Thanks Andy. Do you think we need to add something in the security section about the = transition? Something like: "A RP that performs a strick validation based on RFC6487 and fails to = support the updates described in this document, would incorrectly = invalidate RPKI signed objects that implements the changes in Section 2. = At the time of this writing, all known RP software suites (you can = mention them as in IDR) were tested and supported the updates on this = document"=20 Roque On Jul 15, 2013, at 7:07 PM, Andy Newton wrote: > On 7/15/13 10:22 AM, "Roque Gagliano (rogaglia)" > wrote: >=20 >> Before sending my support to advance to the IESG, I wanted to ask the >> author if they have tested the effects of this change on existing RP >> tools. Do they really set the certificate as invalid? >=20 > Yes, we have tested against the three RP suites. One did not require a > change while the other two required simple one line changes. Current > releases of all three now accommodate it. >=20 > -andy >=20 --Apple-Mail=_AAD881B5-B8F1-44B7-9E9E-676DF3AC8DE8 Content-Disposition: attachment; filename="smime.p7s" Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIINSTCCBkIw ggUqoAMCAQICEDirAC//rpa3Vv85Wvtd5xswDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNVBAYTAlVT MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y azE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ug b25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0 aW9uIEF1dGhvcml0eSAtIEczMB4XDTExMDkwMTAwMDAwMFoXDTIxMDgzMTIzNTk1OVowgaYxCzAJ BgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50 ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQD Ey5TeW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEc0MIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuwn/R1j9DsdisHTHMjIgoa2uEqGkqqBXHLKMA0vnkEi VzAhJZCao/SsKsaIF4ZhchN2LuwDyyebjyCAN+DkitpVplAP/LlcI2mJQqG6H6/vDvmkyQrx+Dey xtmSSq5937hEH5u6P4wG/tgjT0hRI2pghKjuJy9g35byGiqMPI8AzE/L+iCOvDX24fCatgXz/B0/ xhR7DtryBeTTgwKmxWlwtKnkVunbHVz0pjbia7UeKi3cvrvuOgSwMAitX2hsxr0GloiE5+apZC28 ODC7iCbDZ2ZmtLR3+cChxw5y72bi5bnK4POFdzWY3tQcsP5mceI4y258T0BV65fZqBge7QIDAQAB o4ICRDCCAkAwOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABhhxodHRwOi8vcGtpLW9jc3AudmVy aXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwbAYDVR0gBGUwYzBhBgtghkgBhvhFAQcXATBS MCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpo dHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8vY3JsLnZl cmlzaWduLmNvbS9wY2ExLWczLmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAY BgNVBAMTEVZlcmlTaWduTVBLSS0yLTk3MB0GA1UdDgQWBBSt+cOTci21uShh5KTXYNXECl4aATCB 8QYDVR0jBIHpMIHmoYHQpIHNMIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIElu Yy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZl cmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWdu IENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHM4IRAItb dVaEVIULAM+vOEjOsaQwDQYJKoZIhvcNAQEFBQADggEBANaPwdqbiPKzbE0fWC+6AVFddMFG6MO4 e5/WQPHv/zK6iWvADjRDn6SZ5qTwXUgzYoWFYf4jiCKMYJsrnGVJlMSiOCRIpVylUEto6WIip5Po mSJuPVu7EEIOH0x1RzRWCY/4vYw881y70pZwVHBiTe/REL6dSCxe7IZrB4LwPeElJygs4BZ2HrP9 5WKW0oo9Xyuu+1zCE7dlY8s0dkOf1oeZq26tlcEAP0Yngf813iMOQ9wUXzL5yinvwlIw9ZnduYH4 OiUgjYJo8rkhhXRmBOGGORYy8i3WKqjJ3tkAAk/jGCDFpYFWtpXe04Kt+HslvmR8LqC6cCz4+XXi dE0HbYQwggb/MIIF56ADAgECAhAYf+/XztcT+E2kExj0ut5oMA0GCSqGSIb3DQEBBQUAMIGmMQsw CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFu dGVjIFRydXN0IE5ldHdvcmsxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDE3MDUGA1UE AxMuU3ltYW50ZWMgQ2xhc3MgMSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EgLSBHNDAeFw0xMzA1 MTQwMDAwMDBaFw0xNDA1MTUyMzU5NTlaMIHEMS4wLAYDVQQDDCVQZXJzb25hIE5vdCBWYWxpZGF0 ZWQgLSAxMzY4NTI0MDEwMDczMSEwHwYJKoZIhvcNAQkBFhJyb2dhZ2xpYUBjaXNjby5jb20xDzAN BgNVBAsMBlMvTUlNRTEeMBwGA1UECwwVUGVyc29uYSBOb3QgVmFsaWRhdGVkMR8wHQYDVQQLDBZT eW1hbnRlYyBUcnVzdCBOZXR3b3JrMR0wGwYDVQQKDBRTeW1hbnRlYyBDb3Jwb3JhdGlvbjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/aDENz/1kQVeEyPK5cHw3n9c4ErU13WONPXjL7 fHYj0Yr/DSGbdyiWZ001bkIMPxvJbxv4r5EaTq72gHxhTF/frLoM5+sEKAErBPuOqpAAYlxo4uyK U1pQzPy+3rtlVRStNUAJZHVN4kYtHRghGoBCkqh2JoSBMCgc41Mr1UvS3dI4kp5lKEqutKjoDtdc /O4Kee/CLzEy0D8QNOF7OSjrPmed1jsAxxqsv9EHMJvG9z/CIXF2Q/kYf24ozeujCPZVaOTjWVsd BsZSNUaD9LyeGQBtGCXq7e0rUEFPZfsdxUoBoVeTYRYIcloFuiG4QQsvjr6rlFZDbXEhOWOJnRsC AwEAAaOCAwcwggMDMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMCAGA1UdJQEB/wQWMBQG CCsGAQUFBwMEBggrBgEFBQcDAjAdBgNVHQ4EFgQU+K3xGZv+qs21HN5cJGWwMOyfwHcwHQYDVR0R BBYwFIEScm9nYWdsaWFAY2lzY28uY29tMB8GA1UdIwQYMBaAFK35w5NyLbW5KGHkpNdg1cQKXhoB MIIBKwYIKwYBBQUHAQEEggEdMIIBGTCCARUGCCsGAQUFBzAChoIBB2xkYXA6Ly9kaXJlY3Rvcnku dmVyaXNpZ24uY29tL0NOJTIwJTNEJTIwU3ltYW50ZWMlMjBDbGFzcyUyMDElMjBJbmRpdmlkdWFs JTIwU3Vic2NyaWJlciUyMENBJTIwLSUyMEc0JTJDJTIwT1UlMjAlM0QlMjBQZXJzb25hJTIwTm90 JTIwVmFsaWRhdGVkJTJDJTIwT1UlMjAlM0QlMjBTeW1hbnRlYyUyMFRydXN0JTIwTmV0d29yayUy QyUyME8lMjAlM0QlMjBTeW1hbnRlYyUyMENvcnBvcmF0aW9uJTJDJTIwQyUyMCUzRCUyMFVTP2NB Q2VydGlmaWNhdGU7YmluYXJ5MF0GA1UdHwRWMFQwUqBQoE6GTGh0dHA6Ly9wa2ktY3JsLnN5bWF1 dGguY29tL2NhXzU2MWMxMDM2OTBjOTdhNjkyNDdhMGVmMDcxYWM4MWFmL0xhdGVzdENSTC5jcmww bAYDVR0gBGUwYzBhBgtghkgBhvhFAQcXATBSMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LnN5bWF1 dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpodHRwOi8vd3d3LnN5bWF1dGguY29tL3JwYTArBgpg hkgBhvhFARADBB0wGwYSYIZIAYb4RQEQAQICBAGGx85vFgUxMDkyMjA5BgpghkgBhvhFARAFBCsw KQIBABYkYUhSMGNITTZMeTl3YTJrdGNtRXVjM2x0WVhWMGFDNWpiMjA9MA0GCSqGSIb3DQEBBQUA A4IBAQA9KvHI6pN0/W4MJl3cATuTU0cdkjZBvfztljunVmn72rij+hJKzSg8lGawguiccFWVqqEl sMIAinuB1zqFe1ILchliltXEj5vPI+HyGxn5akhQuzk7/hmAfs00CC1hbC1HB8r+b7R2s/bkJ7YY fpE0lMd7exB62MccwKh5yFCgxIvxG/irFLjNicpW/C6ixzmuPoKQO9Rs5H9oBnYVxtGpORPt6H5+ DINZOpsbDcnNgi3mIpSK0lapSzVUueOWBJwS5sfjOLe5pBbpvarrZp0zs0gADupX5u1bH0DpSwj1 zN5wP/p5f2h0L2i4rpaU05LLgBzh0JTy+zidLpU8NgAhMYID5DCCA+ACAQEwgbswgaYxCzAJBgNV BAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMg VHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5T eW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQSAtIEc0AhAYf+/XztcT+E2k Exj0ut5oMAkGBSsOAwIaBQCgggH9MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN AQkFMQ8XDTEzMDcxNjA4NTUzMFowIwYJKoZIhvcNAQkEMRYEFOFAnd5szEiWEmNWJq90PRB3jie/ MIHMBgkrBgEEAYI3EAQxgb4wgbswgaYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBD b3Jwb3JhdGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVy c29uYSBOb3QgVmFsaWRhdGVkMTcwNQYDVQQDEy5TeW1hbnRlYyBDbGFzcyAxIEluZGl2aWR1YWwg U3Vic2NyaWJlciBDQSAtIEc0AhAYf+/XztcT+E2kExj0ut5oMIHOBgsqhkiG9w0BCRACCzGBvqCB uzCBpjELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQL ExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMR4wHAYDVQQLExVQZXJzb25hIE5vdCBWYWxpZGF0ZWQx NzA1BgNVBAMTLlN5bWFudGVjIENsYXNzIDEgSW5kaXZpZHVhbCBTdWJzY3JpYmVyIENBIC0gRzQC EBh/79fO1xP4TaQTGPS63mgwDQYJKoZIhvcNAQEBBQAEggEAg0/Pg6JgXv0eQu9R5KcnjlOj9rHx tgozolqUPLdVxSwJmJDEI15sgf3ZUPT4TLrcaTJbp6CzQqTje3XSkVvK8nukeFPhEW/iLhf2ulyi VIgOa4+/2F8nhE/TBDiITYG+ZwZHG2WfrRoX28J8rH6j6z5lDfx/mdRR3VWXkY/N1xHbNZHjjxug dCzLSR2B6uEtDxhssZEPJJbS4korfMxn8fe4TVmkDy5WJQLzDkx8v3SS+Zx6T13y/rEYphJCvmSP 4r2lW9rKIj3dGZNsz6iaDo9HEv0cY1PFSTUcV3lRTfX2PiE2mBNa4DJkrch05WuJtdV63IS+7c+h rJIO7F/cJQAAAAAAAA== --Apple-Mail=_AAD881B5-B8F1-44B7-9E9E-676DF3AC8DE8-- From tim@ripe.net Tue Jul 16 02:04:32 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56B0411E8275 for ; Tue, 16 Jul 2013 02:04:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ToXJtbqZ+Oo0 for ; Tue, 16 Jul 2013 02:04:27 -0700 (PDT) Received: from postgirl.ripe.net (postgirl.ipv6.ripe.net [IPv6:2001:67c:2e8:11::c100:1342]) by ietfa.amsl.com (Postfix) with ESMTP id E763011E81CE for ; Tue, 16 Jul 2013 02:04:26 -0700 (PDT) Received: from dodo.ripe.net ([193.0.23.4]) by postgirl.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1Uz1BI-0002wM-Qe for sidr@ietf.org; Tue, 16 Jul 2013 11:04:26 +0200 Received: from puppy.ripe.net ([193.0.1.230] helo=[IPv6:::1]) by dodo.ripe.net with esmtps (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from ) id 1Uz1BI-0002KP-OI for sidr@ietf.org; Tue, 16 Jul 2013 11:04:24 +0200 From: Tim Bruijnzeels Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Message-Id: <10D0C98D-1007-4A16-8DF5-81E927DF69B1@ripe.net> Date: Tue, 16 Jul 2013 11:04:26 +0200 To: "sidr@ietf.org list" Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) X-Mailer: Apple Mail (2.1508) X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.48/RELEASE, bases: 20120425 #7816575, check: 20130716 clean X-RIPE-Spam-Level: --- X-RIPE-Spam-Report: Spam Total Points: -3.3 points pts rule name description ---- ---------------------- ------------------------------------ -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a0719ad69652edf079315972d45c39d9f81e5 Subject: [sidr] New TAL for RIPE NCC PILOT X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 09:04:32 -0000 Hi all, We have a new TAL for our PILOT rpki service. (Production TA unchanged) rsync://localcert.ripe.net/ta/ripe-ncc-pilot.cer = MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIXenLOBfyo7cOnm4mGKmYxsoWCp28= dw3XJAoZNWPDK8i9MxYACpwfz7bjyGma1BWPBJuievNd6nriFI+3WG+wt2bnO2ZmiLenCwMtm8= bu7BeldpWRwlAnRp4t4IL6sZ7T9bF+4sTrv1qiEANqam0mhtLtUfbWXV5Z4mjgnNur7fJH2lIO= m7Oc2/tok1rid8WsPe18zuvgwA3M0fKQ/Oa4SMXKnHr3fg2cHAm1cfEEvhMKa3rUAvsKGVEYeT= JNg6rh3IRnjWhZ8GmE1ywl/9qMa2z4YsUi9Bx9U+/zMS8qpJn/q6XBbZ8XYTTFvSWfXd6b82jS= fABa4ukIDCUF/QFwIDAQAB The PILOT system is used by our members as a testbed for running both = hosted *and* non-hosted CAs. E.g. Deutsche Telekom is experimenting here = running the rpki.net CA as a child to the RIPE NCC pilot CA. Note that = this is a test system, and the content is not intended to be used for = real routing decisions. Cheers Tim= From tim@ripe.net Tue Jul 16 02:39:53 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1B9E21E81DE for ; Tue, 16 Jul 2013 02:39:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.598 X-Spam-Level: X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SmP-VnYpcrdP for ; Tue, 16 Jul 2013 02:39:48 -0700 (PDT) Received: from postgirl.ripe.net (postgirl.ipv6.ripe.net [IPv6:2001:67c:2e8:11::c100:1342]) by ietfa.amsl.com (Postfix) with ESMTP id 8AF3B11E8294 for ; Tue, 16 Jul 2013 02:39:40 -0700 (PDT) Received: from ayeaye.ripe.net ([193.0.23.5]) by postgirl.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1Uz1jN-0004Zy-Rt for sidr@ietf.org; Tue, 16 Jul 2013 11:39:39 +0200 Received: from puppy.ripe.net ([193.0.1.230] helo=[IPv6:::1]) by ayeaye.ripe.net with esmtps (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from ) id 1Uz1jN-0002Xr-OQ for sidr@ietf.org; Tue, 16 Jul 2013 11:39:37 +0200 From: Tim Bruijnzeels Content-Type: multipart/alternative; boundary="Apple-Mail=_769C3106-B707-4CFA-8065-01C87B36EF63" Message-Id: Date: Tue, 16 Jul 2013 11:39:39 +0200 To: "sidr@ietf.org list" Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) X-Mailer: Apple Mail (2.1508) X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.48/RELEASE, bases: 20120425 #7816575, check: 20130716 clean X-RIPE-Spam-Level: --- X-RIPE-Spam-Report: Spam Total Points: -3.3 points pts rule name description ---- ---------------------- ------------------------------------ -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] 0.0 HTML_MESSAGE BODY: HTML included in message X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a071955ec1022733c6040981d63e7137650fe Subject: [sidr] Erratum for RFC6486? (manifests) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 09:39:53 -0000 --Apple-Mail=_769C3106-B707-4CFA-8065-01C87B36EF63 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 Dear WG, RFC6486 has this to say about the validity times of EE certificates in = manifests: http://tools.ietf.org/html/rfc6486#section-5.1 In the case of a "one-time-use" EE certificate, the validity times of the EE certificate MUST exactly match the thisUpdate and nextUpdate times of the manifest. In the case of a "sequential-use" EE certificate, the validity times of the EE certificate MUST encompass the time interval from thisUpdate to nextUpdate. This causes some issues for our RP software, and I believe it would be = better to remove the difference between one-time-use and sequential-use = here, and go with something like this instead: The validity times of the EE certificate MUST encompass the = time interval from thisUpdate to nextUpdate. Reasons: 1) RP can not distinguish between one-time-use and sequential-use RPs don't know which case they are dealing with, and guessing is = error-prone. So, in our case we are checking for a condition we don't know how to = handle, and in the end we just warn about it.. I am happy to remove this = confusing warning, but then what's the point of limiting this in the = RFC? 2) Stale vs expired manifests See sections 6.3 and 6.4. If a manifest EE certificate is expired, then the manifest is invalid. = However, if the EE certificate is still valid, but it's past the = "nextUpdate" time, then it should be considered "stale". The restriction = in 5.1 prevents that manifests with one-time-use EE certificates can = have this stale state. Yet, this is something a CA may well want to use, = e.g.: - issue EE certificate validity time of 1 week - nextUpdate time 1 day The idea being that under normal circumstances a new manifest would be = issued within 24 hours (or less), and RPs should use the *latest* = manifest available to them, but=85 in case the RP can't reach the = repository, or there is an outage, stale manifests could be used for = some time (per local policy of RPs). We currently allow users to accept stale manifest for X days (default =3D = 0 days). To circumvent the issue that one-time-use EE certs would be = invalid as soon as they go stale we also accept expired manifest for the = same time.. I think this is wrong (e.g. CAs will no longer mention the = EE cert on the CRL if it's expired), and again I am more than happy to = remove this hack.. In short: I think CAs should have the freedom to choose longer validity = times for one-time-use EE certificates. As far as I know *all* = implementations use one-time-use anyway, so if this is not permitted, = then the difference between 6.3 and 6.4 becomes moot in practice. Cheers Tim= --Apple-Mail=_769C3106-B707-4CFA-8065-01C87B36EF63 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=windows-1252 Dear = WG,

RFC6486 has this to say about the validity times = of EE certificates in manifests:


  =        In the case of a "one-time-use" EE = certificate, the validity
        =  times of the EE certificate MUST exactly match the = thisUpdate
         and nextUpdate = times of the manifest.

      =    In the case of a "sequential-use" EE certificate, the = validity
         times of the EE = certificate MUST encompass the time interval
    =      from thisUpdate to = nextUpdate.


This causes = some issues for our RP software, and I believe it would be better to = remove the difference between one-time-use and sequential-use here, and = go with something like this = instead:

        =  The validity times of the EE certificate MUST encompass the = time
         interval from = thisUpdate to = nextUpdate.


Reasons:

1) RP can not distinguish between one-time-use and = sequential-use

RPs don't know which case they = are dealing with, and guessing is = error-prone.

So, in our case we are checking = for a condition we don't know how to handle, and in the end we just warn = about it.. I am happy to remove this confusing warning, but then what's = the point of limiting this in the = RFC?


2) Stale vs expired = manifests

See sections 6.3 and = 6.4.

If a manifest EE certificate is expired, = then the manifest is invalid. However, if the EE certificate is still = valid, but it's past the "nextUpdate" time, then it should be considered = "stale". The restriction in 5.1 prevents that manifests with = one-time-use EE certificates can have this stale state. Yet, this is = something a CA may well want to use, = e.g.:

 - issue EE certificate validity = time of 1 week
 - nextUpdate time 1 = day

The idea being that under normal = circumstances a new manifest would be issued within 24 hours (or less), = and RPs should use the *latest* manifest available to them, but=85 in = case the RP can't reach the repository, or there is an outage, stale = manifests could be used for some time (per local policy of = RPs).

We currently allow users to accept stale = manifest for X days (default =3D 0 days). To circumvent the issue that = one-time-use EE certs would be invalid as soon as they go stale we also = accept expired manifest for the same time.. I think this is wrong (e.g. = CAs will no longer mention the EE cert on the CRL if it's expired), and = again I am more than happy to remove this = hack..


In short: I think CAs = should have the freedom to choose longer validity times for one-time-use = EE certificates. As far as I know *all* implementations use one-time-use = anyway, so if this is not permitted, then the difference between 6.3 and = 6.4 becomes moot in = practice.


Cheers
Tim= --Apple-Mail=_769C3106-B707-4CFA-8065-01C87B36EF63-- From andy@arin.net Tue Jul 16 06:50:01 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0440121E8087 for ; Tue, 16 Jul 2013 06:50:01 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.199 X-Spam-Level: X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[AWL=-1.600, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eSv4GCb+Z2Ee for ; Tue, 16 Jul 2013 06:49:55 -0700 (PDT) Received: from smtp1.arin.net (smtp1.arin.net [IPv6:2001:500:4:13::33]) by ietfa.amsl.com (Postfix) with ESMTP id 9A41321E8050 for ; Tue, 16 Jul 2013 06:49:55 -0700 (PDT) Received: by smtp1.arin.net (Postfix, from userid 323) id 91EDE1651B1; Tue, 16 Jul 2013 09:49:54 -0400 (EDT) Received: from ASHXCH01.corp.arin.net (ashxch01.corp.arin.net [199.43.0.17]) by smtp1.arin.net (Postfix) with ESMTP id 0796616519F; Tue, 16 Jul 2013 09:49:54 -0400 (EDT) Received: from CHAXCH04.corp.arin.net (10.1.30.19) by ASHXCH01.corp.arin.net (199.43.0.17) with Microsoft SMTP Server (TLS) id 14.1.421.2; Tue, 16 Jul 2013 09:49:53 -0400 Received: from CHAXCH02.corp.arin.net ([169.254.2.236]) by CHAXCH04.corp.arin.net ([10.1.30.19]) with mapi id 14.02.0328.009; Tue, 16 Jul 2013 09:49:53 -0400 From: Andy Newton To: "Roque Gagliano (rogaglia)" Thread-Topic: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 Thread-Index: Ac5/P7KlsWW9gua6S/mEz+yRY2Jx6ACSJbqA///q8YCAAUv7gIAADzOA Date: Tue, 16 Jul 2013 13:49:52 +0000 Message-ID: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.5.130515 x-originating-ip: [10.1.1.56] Content-Type: text/plain; charset="us-ascii" Content-ID: <3B34C080AE208F4BAA72C1DC035D2125@corp.arin.net> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "Murphy, Sandra" , "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 13:50:01 -0000 This sounds fine to me, though it is really an interoperability considerations section thingy. The IETF does those now, right? :) -andy On 7/16/13 4:55 AM, "Roque Gagliano (rogaglia)" wrote: >Thanks Andy. > >Do you think we need to add something in the security section about the >transition? > >Something like: > >"A RP that performs a strick validation based on RFC6487 and fails to >support the updates described in this document, would incorrectly >invalidate RPKI signed objects that implements the changes in Section 2. >At the time of this writing, all known RP software suites (you can >mention them as in IDR) were tested and supported the updates on this >document"=20 > >Roque > >On Jul 15, 2013, at 7:07 PM, Andy Newton wrote: > >> On 7/15/13 10:22 AM, "Roque Gagliano (rogaglia)" >> wrote: >>=20 >>> Before sending my support to advance to the IESG, I wanted to ask the >>> author if they have tested the effects of this change on existing RP >>> tools. Do they really set the certificate as invalid? >>=20 >> Yes, we have tested against the three RP suites. One did not require a >> change while the other two required simple one line changes. Current >> releases of all three now accommodate it. >>=20 >> -andy >>=20 > > From Sandra.Murphy@sparta.com Tue Jul 16 08:28:41 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 125A321F88FB for ; Tue, 16 Jul 2013 08:28:29 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fT8SkZ41+38O for ; Tue, 16 Jul 2013 08:28:24 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 5240021F997B for ; Tue, 16 Jul 2013 08:28:24 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6GFSK5F006926 for ; Tue, 16 Jul 2013 10:28:20 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6GFSIEB002747 for ; Tue, 16 Jul 2013 10:28:19 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Tue, 16 Jul 2013 11:28:02 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: I-D Action: draft-rafiee-6man-ssas-05.txt Thread-Index: AQHOgbW5WkbPvjD9Qk2JDh7u1XCYPZlnbNuC Date: Tue, 16 Jul 2013 15:28:01 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749B3C11@CVA-MB002.centreville.ads.sparta.com> References: <20130715234639.18024.78338.idtracker@ietfa.amsl.com> In-Reply-To: <20130715234639.18024.78338.idtracker@ietfa.amsl.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] FW: I-D Action: draft-rafiee-6man-ssas-05.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 15:28:41 -0000 I just noticed this and thought it might be of interest. This draft propos= es a new mechanism to generate IPv6 interface identifiers (IID). Please not= e the reference to the use of the RPKI - described in section 4.3.=0A= =0A= --Sandy, speaking as regular ol' member=0A= =0A= =0A= ________________________________________=0A= From: i-d-announce-bounces@ietf.org [i-d-announce-bounces@ietf.org] on beha= lf of internet-drafts@ietf.org [internet-drafts@ietf.org]=0A= Sent: Monday, July 15, 2013 7:46 PM=0A= To: i-d-announce@ietf.org=0A= Subject: I-D Action: draft-rafiee-6man-ssas-05.txt=0A= =0A= A New Internet-Draft is available from the on-line Internet-Drafts director= ies.=0A= =0A= =0A= Title : A Simple Secure Addressing Scheme for IPv6 AutoCo= nfiguration (SSAS)=0A= Author(s) : Hosnieh Rafiee=0A= Christoph Meinel=0A= Filename : draft-rafiee-6man-ssas-05.txt=0A= Pages : 19=0A= Date : 2013-07-15=0A= =0A= Abstract:=0A= The default method for IPv6 address generation uses an=0A= Organizationally Unique Identifier (OUI) assigned by the IEEE=0A= Standards Association and an Extension Identifier assigned to the=0A= hardware manufacturer [1] (section 2.5.1 RFC-4291) [RFC4291]. This=0A= fact thus means that a node will always have the same Interface ID=0A= (IID) whenever it connects to a new network. Because the node's IP=0A= address does not change, the node will be vulnerable to privacy=0A= related attacks. Currently this problem is addressed by the use of=0A= two mechanisms that do not make use of the MAC address, or other=0A= unique values that can be used for ID generation, for randomizing the=0A= IID; Cryptographically Generated Addresses (CGA) [RFC3972] and=0A= Privacy Extension [RFC4941]. The problem with the former approach is=0A= the computational cost involved for the IID generation and in the=0A= verification process. The problem with the latter approach is that it=0A= lacks necessary security mechanisms and provides the node with only=0A= partial protection against privacy related attacks. This document=0A= proposes the use of a new algorithm for use in the generation of the=0A= IID while, at the same time, securing the node against some types of=0A= attack, like IP spoofing. These attacks are prevented by the addition=0A= of a signature to messages sent over the network and by finding a=0A= binding with the nodes' IP address and its public key. The use of=0A= theResource Public Key Infrastructure (RPKI), introduced in this=0A= document, is based on the centralized version explained in RFC 6494=0A= and RFC 6495.=0A= =0A= =0A= =0A= =0A= The IETF datatracker status page for this draft is:=0A= https://datatracker.ietf.org/doc/draft-rafiee-6man-ssas=0A= =0A= There's also a htmlized version available at:=0A= http://tools.ietf.org/html/draft-rafiee-6man-ssas-05=0A= =0A= A diff from the previous version is available at:=0A= http://www.ietf.org/rfcdiff?url2=3Ddraft-rafiee-6man-ssas-05=0A= =0A= =0A= Internet-Drafts are also available by anonymous FTP at:=0A= ftp://ftp.ietf.org/internet-drafts/=0A= =0A= _______________________________________________=0A= I-D-Announce mailing list=0A= I-D-Announce@ietf.org=0A= https://www.ietf.org/mailman/listinfo/i-d-announce=0A= Internet-Draft directories: http://www.ietf.org/shadow.html=0A= or ftp://ftp.ietf.org/ietf/1shadow-sites.txt=0A= From sra@hactrn.net Tue Jul 16 14:27:30 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9688421F84EF for ; Tue, 16 Jul 2013 14:27:30 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ykZzz8mfqwzO for ; Tue, 16 Jul 2013 14:27:29 -0700 (PDT) Received: from cyteen.hactrn.net (cyteen.hactrn.net [IPv6:2002:425c:4242:0:210:5aff:fe86:1f54]) by ietfa.amsl.com (Postfix) with ESMTP id 8277C21F8459 for ; Tue, 16 Jul 2013 14:27:29 -0700 (PDT) Received: from thrintun.hactrn.net (thrintun.hactrn.net [10.0.1.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "thrintun.hactrn.net", Issuer "Grunchweather Associates" (verified OK)) by cyteen.hactrn.net (Postfix) with ESMTPS id 2715273045 for ; Tue, 16 Jul 2013 21:27:26 +0000 (UTC) Received: from thrintun.hactrn.net (localhost [IPv6:::1]) by thrintun.hactrn.net (Postfix) with ESMTP id DDB22178A4 for ; Tue, 16 Jul 2013 17:27:25 -0400 (EDT) Date: Tue, 16 Jul 2013 17:27:25 -0400 From: Rob Austein To: sidr@ietf.org In-Reply-To: References: User-Agent: Wanderlust/2.14.0 (Africa) Emacs/23.4 Mule/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Message-Id: <20130716212725.DDB22178A4@thrintun.hactrn.net> Subject: Re: [sidr] Erratum for RFC6486? (manifests) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 21:27:30 -0000 At Tue, 16 Jul 2013 11:39:39 +0200, Tim Bruijnzeels wrote: > > RFC6486 has this to say about the validity times of EE certificates in manifests: > > http://tools.ietf.org/html/rfc6486#section-5.1 > > In the case of a "one-time-use" EE certificate, the validity > times of the EE certificate MUST exactly match the thisUpdate > and nextUpdate times of the manifest. > > In the case of a "sequential-use" EE certificate, the validity > times of the EE certificate MUST encompass the time interval > from thisUpdate to nextUpdate. > > > This causes some issues for our RP software, and I believe it would > be better to remove the difference between one-time-use and > sequential-use here, and go with something like this instead: > > The validity times of the EE certificate MUST encompass the time > interval from thisUpdate to nextUpdate. I support this change > In short: I think CAs should have the freedom to choose longer > validity times for one-time-use EE certificates. Agreed. > As far as I know *all* implementations use one-time-use anyway, The rpki.net implementation has always used sequential-use manifest EE certificates. We set the notAfter time of the manifest EE certificate to match the notAfter time of its issuing CA certificate, on the theory that the only reason we're even bothering with a separate EE certificate is that PKIX doesn't allow us to use the CA certificate directly. If we were designing X.509 all over again to support this, I'd class manifests as something to be covered directly by the CA certificate, just as CRLs are. But we're not revising X.509. Manifest EE certificates are required to use RFC 3779 inheritance, so, barring a key compromise, there's generally no pressing reason to regenerate a manifest EE certificate. We can always revoke the manifest EE certificate if really necessary, but optimizing for the key compromise case seems perverse. :) From david@mandelberg.org Tue Jul 16 15:23:09 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57FB721F9DED for ; Tue, 16 Jul 2013 15:23:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.437 X-Spam-Level: X-Spam-Status: No, score=-0.437 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_NET=0.611, RDNS_NONE=0.1] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FB-2FeVzJUtR for ; Tue, 16 Jul 2013 15:23:05 -0700 (PDT) Received: from qmta02.westchester.pa.mail.comcast.net (qmta02.westchester.pa.mail.comcast.net [IPv6:2001:558:fe14:43:76:96:62:24]) by ietfa.amsl.com (Postfix) with ESMTP id 5DA8B21F9302 for ; Tue, 16 Jul 2013 15:23:05 -0700 (PDT) Received: from omta24.westchester.pa.mail.comcast.net ([76.96.62.76]) by qmta02.westchester.pa.mail.comcast.net with comcast id 19ta1m0071ei1Bg51AP4e3; Tue, 16 Jul 2013 22:23:04 +0000 Received: from uriel.mandelberg.org ([IPv6:2001:4830:11a7:2:216:3eff:fe0e:b38c]) by omta24.westchester.pa.mail.comcast.net with comcast id 1AP21m00C1djk4J3kAP4sC; Tue, 16 Jul 2013 22:23:04 +0000 Received: from secure.mandelberg.org (unknown [10.1.2.3]) by uriel.mandelberg.org (Postfix) with ESMTP id 4E0921C603B for ; Tue, 16 Jul 2013 18:25:53 -0400 (EDT) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Tue, 16 Jul 2013 18:25:53 -0400 From: David Mandelberg To: In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749A6807@CVA-MB001.centreville.ads.sparta.com> References: <20130708201239.8056.871.idtracker@ietfa.amsl.com> <24B20D14B2CD29478C8D5D6E9CBB29F6749A6807@CVA-MB001.centreville.ads.sparta.com> Message-ID: <24080cf1575abd4b5e3a409a98baa88f@mail.mandelberg.org> X-Sender: david@mandelberg.org User-Agent: Roundcube Webmail/0.7.2 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20121106; t=1374013384; bh=NZePuZ18ddtn0o1md6R/OXBq3eGFgYCwwrMbTcNOIs4=; h=Received:Received:Received:MIME-Version:Content-Type:Date:From:To: Subject:Message-ID; b=GK/9WvyOOPaICUBCSdIuWXSydgqt2+7Oi4COzVD5rbPH7LxdyIw++427vgFaLXuDq QWwpeeWTMnZwPgN2paoCiv5rDRvTMTmMKSMnaZY3A9YuN4ChK5xHtxd6nIMSGKvAW6 4oTpCcyAwtYqKYh9bQM3etZCISfBfeCYUXNxgqy2XN1ia5/OqvZdQkUBs3dbBW/XgS v8EXU5S/8MJFDQ/I+8f08DoU3DpUzFb6HPTKSyNfj+NcQ8cS76GvK3+plTkhq4oXg8 9SH8apAx7O0bjifBVLoD08w2gDaWn1QztLnBY6uopLeXVrPp0bU0h/+Wueenno3O/W FPXXpWNhEzKdA== Subject: Re: [sidr] FW: I-D Action: draft-huston-rpki-validation-00.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 22:23:09 -0000 Hi, I took a look at this draft, but haven't read it in depth yet. One potential issue I see is that it removes the possibility of an optimization technique that could significantly decrease the processing time needed for RPKI validation. It's currently possible to optimize validation for CA certs that don't inherit resources by validating each parent-child link independently of the parent's parent or the child's children. One benefit of this is that links can be verified in parallel on a multi-core machine. If the validation status of each link is stored in a database, then another benefit is that adding a new leaf node certificate only requires validating the leaf against its parent and checking the database for the validity of the parent. Also, if the resources of a TA change, the children and affected grandchildren need to be re-validated but the unaffected grandchildren don't need any additional processing. If I understand this document's proposal correctly, all of these optimizations would become invalid. On 2013-07-11 06:20, Murphy, Sandra wrote: > I just saw this. Looks interesting. > > --Sandy, speaking as regular ol' member > > ________________________________________ > From: i-d-announce-bounces@ietf.org [i-d-announce-bounces@ietf.org] > on behalf of internet-drafts@ietf.org [internet-drafts@ietf.org] > Sent: Monday, July 08, 2013 4:12 PM > To: i-d-announce@ietf.org > Subject: I-D Action: draft-huston-rpki-validation-00.txt > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > > Title : RPKI Validation Reconsidered > Author(s) : Geoff Huston > George Michaelson > Filename : draft-huston-rpki-validation-00.txt > Pages : 12 > Date : 2013-07-08 > > Abstract: > This document reviews the certificate validation procedure > specified > in RFC6487 and highlights aspects of operational management of > certificates in the RPKI in response to the movement of resources > across registries, and the associated actions of Certification > Authorities to maintain certification of resources during this > movement. The document describes an alternative validation > procedure > that reduces the operational impact of certificate management > during > resource movement. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-huston-rpki-validation > > There's also a htmlized version available at: > http://tools.ietf.org/html/draft-huston-rpki-validation-00 > > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > I-D-Announce mailing list > I-D-Announce@ietf.org > https://www.ietf.org/mailman/listinfo/i-d-announce > Internet-Draft directories: http://www.ietf.org/shadow.html > or ftp://ftp.ietf.org/ietf/1shadow-sites.txt > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr -- David Eric Mandelberg / dseomn http://david.mandelberg.org/ From sra@hactrn.net Tue Jul 16 16:15:33 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A57BE21F9DAF for ; Tue, 16 Jul 2013 16:15:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pt-kBQlyv+DG for ; Tue, 16 Jul 2013 16:15:31 -0700 (PDT) Received: from cyteen.hactrn.net (cyteen.hactrn.net [IPv6:2002:425c:4242:0:210:5aff:fe86:1f54]) by ietfa.amsl.com (Postfix) with ESMTP id 810BB21F9DA8 for ; Tue, 16 Jul 2013 16:15:27 -0700 (PDT) Received: from thrintun.hactrn.net (thrintun.hactrn.net [10.0.1.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "thrintun.hactrn.net", Issuer "Grunchweather Associates" (verified OK)) by cyteen.hactrn.net (Postfix) with ESMTPS id C081073045 for ; Tue, 16 Jul 2013 23:15:24 +0000 (UTC) Received: from thrintun.hactrn.net (localhost [IPv6:::1]) by thrintun.hactrn.net (Postfix) with ESMTP id 7FA02178A4 for ; Tue, 16 Jul 2013 19:15:24 -0400 (EDT) Date: Tue, 16 Jul 2013 19:15:24 -0400 From: Rob Austein To: sidr@ietf.org In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/23.4 Mule/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Message-Id: <20130716231524.7FA02178A4@thrintun.hactrn.net> Subject: Re: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 23:15:33 -0000 Have read I-D, and support adoption. From sra@hactrn.net Tue Jul 16 16:32:31 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3C1A21F84E3 for ; Tue, 16 Jul 2013 16:32:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BNMkm88ZXwAG for ; Tue, 16 Jul 2013 16:32:26 -0700 (PDT) Received: from cyteen.hactrn.net (cyteen.hactrn.net [66.92.66.68]) by ietfa.amsl.com (Postfix) with ESMTP id 8145C21F9D45 for ; Tue, 16 Jul 2013 16:32:26 -0700 (PDT) Received: from thrintun.hactrn.net (thrintun.hactrn.net [10.0.1.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "thrintun.hactrn.net", Issuer "Grunchweather Associates" (verified OK)) by cyteen.hactrn.net (Postfix) with ESMTPS id 7B41173045 for ; Tue, 16 Jul 2013 23:32:25 +0000 (UTC) Received: from thrintun.hactrn.net (localhost [IPv6:::1]) by thrintun.hactrn.net (Postfix) with ESMTP id 3DEFD178A4 for ; Tue, 16 Jul 2013 19:32:25 -0400 (EDT) Date: Tue, 16 Jul 2013 19:32:25 -0400 From: Rob Austein To: sidr@ietf.org In-Reply-To: <882ABFAA-D1B9-4357-886A-CD70B41F6330@ripe.net> References: <882ABFAA-D1B9-4357-886A-CD70B41F6330@ripe.net> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/23.4 Mule/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Message-Id: <20130716233225.3DEFD178A4@thrintun.hactrn.net> Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Jul 2013 23:32:31 -0000 As the authors of this I-D already know, I had essentially the same concerns as Tim, for the same reason: as the implementor of a validation engine, I don't want to have to deal with whacky special processing to support somebody else's lawyers. I do not support publication of this document as an RFC, although I am willing to stand aside of the WG achieves rough consensus that this change is necessary. My main reason for not supporting it is that, even with the text in the I-D, this still looks like an attractive nuisance. Given that we already have an RIR which makes people sign an NDA to get a copy of their TAL, it is not all that far-fetched to imagine that same RIR adding a contractual requirement that one also promise to do additional checks outside the core specification using this URI. The text currently in the I-D doesn't rule this out, it just says that the I-D itself adds no such requirements. Not terribly reassuring. From tim@ripe.net Wed Jul 17 00:54:24 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 722E321F9D87 for ; Wed, 17 Jul 2013 00:54:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wB6d8jJqyCbp for ; Wed, 17 Jul 2013 00:54:18 -0700 (PDT) Received: from postgirl.ripe.net (postgirl.ipv6.ripe.net [IPv6:2001:67c:2e8:11::c100:1342]) by ietfa.amsl.com (Postfix) with ESMTP id 624AB21F9D30 for ; Wed, 17 Jul 2013 00:54:17 -0700 (PDT) Received: from ayeaye.ripe.net ([193.0.23.5]) by postgirl.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1UzMYu-000281-9a; Wed, 17 Jul 2013 09:54:14 +0200 Received: from puppy.ripe.net ([193.0.1.230] helo=[IPv6:::1]) by ayeaye.ripe.net with esmtps (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from ) id 1UzMYu-00018M-7b; Wed, 17 Jul 2013 09:54:12 +0200 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) From: Tim Bruijnzeels In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> Date: Wed, 17 Jul 2013 09:54:12 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <3B906D38-8112-4B3B-A626-B9BFB670885A@ripe.net> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> To: "Murphy, Sandra" X-Mailer: Apple Mail (2.1508) X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.48/RELEASE, bases: 20120425 #7816575, check: 20130717 clean X-RIPE-Spam-Level: -- X-RIPE-Spam-Report: Spam Total Points: -2.9 points pts rule name description ---- ---------------------- ------------------------------------ -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a071981583fbcdbc17dd7aae857a325d26e82 Cc: sidr wg list Subject: Re: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jul 2013 07:54:25 -0000 Have read and support adoption. I agree with Randy's remark that 6810bis would be a better path, but = that can be fixed later. On Jul 4, 2013, at 11:36 PM, "Murphy, Sandra" = wrote: > On behalf of the sidr co-chairs, this opens a two week wg adoption = call for the draft draft-ymbk-rpki-rtr-keys-01.txt. The wg adoption = call will end 18 July 2013. >=20 > Please respond to the list as to whether you agree the wg should take = this on as a wg work item. (It is not necessary to comment on the draft = content at this time.) >=20 > --Sandy, speaking as wg co-chair >=20 > ________________________________________ > From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Randy = Bush [randy@psg.com] > Sent: Monday, April 08, 2013 8:57 PM > To: sidr wg list > Subject: [sidr] draft-ymbk-rpki-rtr-keys-01.txt >=20 > chairs, >=20 > could you please turn the crank to move this through wg adoption? > thanks >=20 > fwiw, i doubt it will move through to wglc/rfc, but rather a 6810bis > may be the better path. >=20 > randy >=20 >=20 > From: internet-drafts@ietf.org > To: randy@psg.com > Cc: keyupate@cisco.com, turners@ieca.com > Subject: New Version Notification for draft-ymbk-rpki-rtr-keys-01.txt > Message-ID: <20130409005340.26017.92925.idtracker@ietfa.amsl.com> > Date: Mon, 08 Apr 2013 17:53:40 -0700 >=20 >=20 > A new version of I-D, draft-ymbk-rpki-rtr-keys-01.txt > has been successfully submitted by Randy Bush and posted to the > IETF repository. >=20 > Filename: draft-ymbk-rpki-rtr-keys > Revision: 01 > Title: Router Key PDU for RPKI-Router Protocol > Creation date: 2013-04-09 > Group: Individual Submission > Number of pages: 5 > URL: = http://www.ietf.org/internet-drafts/draft-ymbk-rpki-rtr-ke=3D > ys-01.txt > Status: = http://datatracker.ietf.org/doc/draft-ymbk-rpki-rtr-keys > Htmlized: = http://tools.ietf.org/html/draft-ymbk-rpki-rtr-keys-01 > Diff: = http://www.ietf.org/rfcdiff?url2=3D3Ddraft-ymbk-rpki-rtr-key=3D > s-01 >=20 > Abstract: > The RPKI/Router Protocol v0 is specified to carry the PDUs necessary > for RPKI-based Origin Validation. For BGPsec Path Validation, the > routers also need data extracted from BGPsec Router Certificates. > This document adds a PDU to the RPKI/Router Protocol to carry those > data. >=20 > The IETF Secretariat >=20 > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr From randy@psg.com Wed Jul 17 10:18:12 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5AD421F9AB3 for ; Wed, 17 Jul 2013 10:18:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7FKXLwPgcYnD for ; Wed, 17 Jul 2013 10:18:12 -0700 (PDT) Received: from ran.psg.com (unknown [IPv6:2001:418:8006::19]) by ietfa.amsl.com (Postfix) with ESMTP id 4F39521F8DA3 for ; Wed, 17 Jul 2013 10:18:12 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.76) (envelope-from ) id 1UzVMg-0006e5-Lf; Wed, 17 Jul 2013 17:18:11 +0000 Date: Wed, 17 Jul 2013 10:18:10 -0700 Message-ID: From: Randy Bush To: "Murphy, Sandra" In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749B3C11@CVA-MB002.centreville.ads.sparta.com> References: <20130715234639.18024.78338.idtracker@ietfa.amsl.com> <24B20D14B2CD29478C8D5D6E9CBB29F6749B3C11@CVA-MB002.centreville.ads.sparta.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: sidr wg list Subject: Re: [sidr] FW: I-D Action: draft-rafiee-6man-ssas-05.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jul 2013 17:18:12 -0000 > Title : A Simple Secure Addressing Scheme for IPv6 > AutoConfiguration (SSAS) Author(s) : Hosnieh Rafiee > Christoph Meinel > Filename : draft-rafiee-6man-ssas-05.txt Pages : 19 Date : > 2013-07-15 > > I just noticed this and thought it might be of interest. i scanned it. anyone have a ten foot pole i can borrow? randy From kent@bbn.com Wed Jul 17 10:36:09 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61B5521F9E5C for ; Wed, 17 Jul 2013 10:36:09 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fvz2oIQotF6k for ; Wed, 17 Jul 2013 10:36:03 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 8A77521F9D01 for ; Wed, 17 Jul 2013 10:36:03 -0700 (PDT) Received: from dhcp89-089-218.bbn.com ([128.89.89.218]:56907) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from ) id 1UzVdv-000OFY-JL; Wed, 17 Jul 2013 13:35:59 -0400 Message-ID: <51E6D5FF.6030802@bbn.com> Date: Wed, 17 Jul 2013 13:35:59 -0400 From: Stephen Kent User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Tim Bruijnzeels References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "sidr@ietf.org list" Subject: Re: [sidr] Erratum for RFC6486? (manifests) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jul 2013 17:36:09 -0000 Tim, Section 5.1 of RFC 6486 is titled "Manifest Generation Procedure." This it is a set of directions to the CA creating the manifest, not directions to an RP verifying a manifest. Section 6 is the discussion of what a relying party is supposed to do with a manifest. My quick re-read of Section 6 does not call for an RP to check that the validity time is consistent with the single-use vs. sequential-use EE cert criteria in 5.1. So, the primary concern you cited, i.e., that an RP cannot know which test to apply, is not a valid reason to change this text. I agree that the invalid vs. stale disparity that arises because of the directions to CAs on manifest EE cert generation is an awkward one. Your example of a manifest with a planned daily update, but a cert that is valid for a week, is an reasonable operational model. If RPs continue to fetch data based on what has changed, then a manifest that is slated to change, but doesn't, doesn't impose an addition sync load. If an RP were to fetch data based on when it says it will expire, then this might be less desirable. So we might take that into consideration when suggesting this model. If we had guidelines for best practices for pub point management, with suggested rates of change, we might better understand the possible impact of this operational model. For example, if the recommended frequency of CRL issuance is daily, then the manifest ought to change daily as well, the there's a decent chance that the CRL and the manifest are either both stale or current. So, while I believe that there is no need to change the 5.1 text based on the RP concern you cited, I support a change to that text to allow CAs more flexibility in managing the EE cert validity in manifests, and to remove the single-use vs. sequential-use EE cert distinction. Would you like to propose and share text for the suggested change? We may have to issue a new RFC, updating 6486, since this does represent a technical change to how we say a CA should behave. Steve From Sandra.Murphy@sparta.com Thu Jul 18 07:41:52 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 790DA21E80F5 for ; Thu, 18 Jul 2013 07:41:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cPX9AstZu7bk for ; Thu, 18 Jul 2013 07:41:47 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id 030B521E80FA for ; Thu, 18 Jul 2013 07:41:46 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6IEfkY8023449 for ; Thu, 18 Jul 2013 07:41:46 -0700 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6IEfj10028640 for ; Thu, 18 Jul 2013 07:41:46 -0700 Received: from CVA-MB001.centreville.ads.sparta.com ([fe80::58b4:c7c2:f9d:dff9]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Thu, 18 Jul 2013 10:41:22 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: agenda posted Thread-Index: Ac6DwIQ/hm8iFlsIQCC2Ug0PVRgexQ== Date: Thu, 18 Jul 2013 14:41:20 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749BB2BE@CVA-MB001.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] agenda posted X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jul 2013 14:41:52 -0000 The draft agenda was posted yesterday. RIght now, as typical for this wg,= the agenda is light. If you do have a topic that you would like to discus= s in the meeting, please do send the list and the chairs a request as soon = as possible.=0A= =0A= If a previous request for meeting time is not represented in the agenda, pl= ease do let the chairs known as soon as possible.=0A= =0A= SIDR meets in two sessions - one hour Wednesday afternoon and two hours on = Friday (*). Presentations are not yet assigned to sessions. Any presenter= who has a reason to prefer one of the sessions, please let the chairs know= . Anyone who prefers that a topic be discussed in a particular sessions, p= lease let the chairs know.=0A= =0A= --Sandy, speaking a co-chair=0A= =0A= =0A= ()*) (Technically, the two hours on Friday are two meeting sessions back-to= -back with a short break in the middle.)= From Sandra.Murphy@sparta.com Fri Jul 19 05:10:08 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 584A121E80B0 for ; Fri, 19 Jul 2013 05:10:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L+amztnbZ9ue for ; Fri, 19 Jul 2013 05:10:04 -0700 (PDT) Received: from Uther.sparta.com (uther.sparta.com [157.185.0.2]) by ietfa.amsl.com (Postfix) with ESMTP id 1D9BC21E80AA for ; Fri, 19 Jul 2013 05:10:04 -0700 (PDT) Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6JCA3pi000853 for ; Fri, 19 Jul 2013 05:10:03 -0700 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6JCA2in009744 for ; Fri, 19 Jul 2013 05:10:03 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Fri, 19 Jul 2013 08:09:36 -0400 From: "Murphy, Sandra" To: sidr wg list Thread-Topic: WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt Thread-Index: AQHOeP5fNE9ZmHDHgkWYQ//us2zAkJlr/q1C Date: Fri, 19 Jul 2013 12:09:35 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C288E@CVA-MB002.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749764D5@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Jul 2013 12:10:08 -0000 It is now 12:09am on Jul 19th on Baker Island in the AoE time zone, so I t= hink it is safe to say we've past the Jul 18th everywhere on earth. There have been six responses, all recommending adoption. The working group consensus as expressed on the mailing list is for adoptio= n. The draft editors may submit this as a wg draft. --Sandy, speaking as one of the co-chairs ________________________________________ From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Murphy, Sa= ndra [Sandra.Murphy@sparta.com] Sent: Thursday, July 04, 2013 5:36 PM To: sidr wg list Subject: [sidr] WG adtoption call for draft-ymbk-rpki-rtr-keys-01.txt On behalf of the sidr co-chairs, this opens a two week wg adoption call for= the draft draft-ymbk-rpki-rtr-keys-01.txt. The wg adoption call will end = 18 July 2013. Please respond to the list as to whether you agree the wg should take this = on as a wg work item. (It is not necessary to comment on the draft content= at this time.) --Sandy, speaking as wg co-chair ________________________________________ From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Randy Bush= [randy@psg.com] Sent: Monday, April 08, 2013 8:57 PM To: sidr wg list Subject: [sidr] draft-ymbk-rpki-rtr-keys-01.txt chairs, could you please turn the crank to move this through wg adoption? thanks fwiw, i doubt it will move through to wglc/rfc, but rather a 6810bis may be the better path. randy From: internet-drafts@ietf.org To: randy@psg.com Cc: keyupate@cisco.com, turners@ieca.com Subject: New Version Notification for draft-ymbk-rpki-rtr-keys-01.txt Message-ID: <20130409005340.26017.92925.idtracker@ietfa.amsl.com> Date: Mon, 08 Apr 2013 17:53:40 -0700 A new version of I-D, draft-ymbk-rpki-rtr-keys-01.txt has been successfully submitted by Randy Bush and posted to the IETF repository. Filename: draft-ymbk-rpki-rtr-keys Revision: 01 Title: Router Key PDU for RPKI-Router Protocol Creation date: 2013-04-09 Group: Individual Submission Number of pages: 5 URL: http://www.ietf.org/internet-drafts/draft-ymbk-rpki-rtr-ke= =3D ys-01.txt Status: http://datatracker.ietf.org/doc/draft-ymbk-rpki-rtr-keys Htmlized: http://tools.ietf.org/html/draft-ymbk-rpki-rtr-keys-01 Diff: http://www.ietf.org/rfcdiff?url2=3D3Ddraft-ymbk-rpki-rtr-k= ey=3D s-01 Abstract: The RPKI/Router Protocol v0 is specified to carry the PDUs necessary for RPKI-based Origin Validation. For BGPsec Path Validation, the routers also need data extracted from BGPsec Router Certificates. This document adds a PDU to the RPKI/Router Protocol to carry those data. The IETF Secretariat _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr= From tim@ripe.net Fri Jul 19 05:34:37 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE6FE11E8124 for ; Fri, 19 Jul 2013 05:34:37 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q3Cz7RgD0srH for ; Fri, 19 Jul 2013 05:34:32 -0700 (PDT) Received: from postgirl.ripe.net (postgirl.ipv6.ripe.net [IPv6:2001:67c:2e8:11::c100:1342]) by ietfa.amsl.com (Postfix) with ESMTP id D861111E8123 for ; Fri, 19 Jul 2013 05:34:31 -0700 (PDT) Received: from ayeaye.ripe.net ([193.0.23.5]) by postgirl.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1V09tB-0007wg-Qi; Fri, 19 Jul 2013 14:34:28 +0200 Received: from puppy.ripe.net ([193.0.1.230] helo=[IPv6:::1]) by ayeaye.ripe.net with esmtps (TLSv1:AES128-SHA:128) (Exim 4.72) (envelope-from ) id 1V09tB-0001eG-Ob; Fri, 19 Jul 2013 14:34:25 +0200 Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) From: Tim Bruijnzeels In-Reply-To: <51E6D5FF.6030802@bbn.com> Date: Fri, 19 Jul 2013 14:34:25 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <23E19953-DFC2-4331-B497-60BC0FFDEB37@ripe.net> References: <51E6D5FF.6030802@bbn.com> To: Stephen Kent X-Mailer: Apple Mail (2.1508) X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.48/RELEASE, bases: 20120425 #7816575, check: 20130719 clean X-RIPE-Spam-Level: -- X-RIPE-Spam-Report: Spam Total Points: -2.9 points pts rule name description ---- ---------------------- ------------------------------------ -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] X-RIPE-Signature: 784d7acfe6559f2a0b602ec6519a0719f56fbf8f1b4b74f91777f83b4ba8f909 Cc: Sandra Murphy , "sidr@ietf.org list" Subject: Re: [sidr] Erratum for RFC6486? (manifests) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Jul 2013 12:34:38 -0000 Hi Steve, I think we agree for the most part on the idea to remove the restriction = for single use EE certificate. To quote and answer to the end of your = mail first: Sandy, I am not sure, but this may be short topic for one of the = sessions. Especially if we want to say anything about best practices for = CAs. > So, while I believe that there is no need to change the 5.1 text based = on the > RP concern you cited, I support a change to that text to allow CAs = more > flexibility in managing the EE cert validity in manifests, and to = remove the > single-use vs. sequential-use EE cert distinction. >=20 > Would you like to propose and share text for the suggested change? We = may have to > issue a new RFC, updating 6486, since this does represent a technical = change to > how we say a CA should behave. I proposed to change this text in section 5.1: In the case of a "one-time-use" EE certificate, the validity times of the EE certificate MUST exactly match the thisUpdate and nextUpdate times of the manifest. In the case of a "sequential-use" EE certificate, the validity times of the EE certificate MUST encompass the time interval from thisUpdate to nextUpdate. To: The validity times of the EE certificate MUST encompass the = time interval from thisUpdate to nextUpdate. =20 That said I think there are quite a few details left that are worth = discussing. > Section 5.1 of RFC 6486 is titled "Manifest Generation Procedure." = This it is a set of directions to the CA creating the manifest, not = directions to an RP verifying a > manifest. Section 6 is the discussion of what a relying party is = supposed to do with a manifest. My quick re-read of Section 6 does not = call for an RP to check that the validity time is consistent with the = single-use vs. sequential-use EE cert criteria in 5.1. So, the primary = concern you cited, i.e., that an RP cannot know which test to apply, is = not a valid > reason to change this text. Although I agree in general with the approach to "be strict in what you = send, and liberal in what you accept" I just found this instance = confusing. It was not 100% clear to me if I should care as an RP.=20 In any case, I am happy to remove this check, and only care about valid, = stale, invalid.. > I agree that the invalid vs. stale disparity that arises because of = the directions to > CAs on manifest EE cert generation is an awkward one. > Your example of a manifest with > a planned daily update, but a cert that is valid for a week, is an = reasonable operational > model. If RPs continue to fetch data based on what has changed, then a = manifest that is > slated to change, but doesn't, doesn't impose an addition sync load. = If an RP were to > fetch data based on when it says it will expire, then this might be = less desirable. So > we might take that into consideration when suggesting this model. As I understand there are three cases with regards to stale and invalid = based on time (ignoring other cases): -1 Manifest is current =3D now is after thisUpdate and before nextUpdate && =3D now is within EE Certificate validity time -2 Manifest is stale =3D now is after nextUpdate =3D now is within EE Certificate validity time -3 Manifest is invalid =3D now is outside of (after) EE Certificate validity time The current text allows for all three states to exist for multi-use EE = certificates, but only 1 and 3 can exist for single use. I want remove = this restriction, because RP treatment of "stale" is different from = "invalid", and as a CA I want to be able influence this. > If we had guidelines for best practices for pub point management, with = suggested > rates of change, we might better understand the possible impact of = this operational > model. For example, if the recommended frequency of CRL issuance is = daily, then the > manifest ought to change daily as well, the there's a decent chance = that the CRL and > the manifest are either both stale or current. I agree that best practices would be good, both for CA and RP. Is this something to discuss shortly? As a start=85 W.r.t. RP: - I would advise against fetching new manifests based on the expiry of = the EE cert if that date is after the nextUpdate. - I would advice that RPs fetch new data at least in advance of the=20 - I think RPs are free to poll more frequently =85. W.r.t. CAs: - I would advise to limit the nextUpdate time to a window that forms = the 'optimal compromise' between: - being overrun by RPs trying to get new data - workload of generating new certificates - too slow propagation times for new products - to -router - The RIR implementations all use 24 hours I think, this seems = reasonable. - I would advise that longer EE certificate time should be used to = prevent that manifests are immediately invalid if RPs only fetch close to the nextUpdate time, and are unsuccessful for = whatever reason Al that is best current practice for the current implementation. I think that a faster notification mechanisms and propagation times are = a real need expressed by operators and should be addressed in future = work. Tim From turners@ieca.com Fri Jul 19 07:02:49 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7C1121E80B9 for ; Fri, 19 Jul 2013 07:02:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.164 X-Spam-Level: X-Spam-Status: No, score=-102.164 tagged_above=-999 required=5 tests=[AWL=0.101, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4sFr87cZt9f2 for ; Fri, 19 Jul 2013 07:02:43 -0700 (PDT) Received: from gateway16.websitewelcome.com (gateway16.websitewelcome.com [67.18.44.28]) by ietfa.amsl.com (Postfix) with ESMTP id EBE5E21E80D7 for ; Fri, 19 Jul 2013 07:02:39 -0700 (PDT) Received: by gateway16.websitewelcome.com (Postfix, from userid 5007) id 4CC24A9E39AA5; Fri, 19 Jul 2013 09:02:10 -0500 (CDT) Received: from gator1743.hostgator.com (gator1743.hostgator.com [184.173.253.227]) by gateway16.websitewelcome.com (Postfix) with ESMTP id BB359A9E39873 for ; Fri, 19 Jul 2013 09:02:09 -0500 (CDT) Received: from [74.96.0.204] (port=49605 helo=thunderfish.local) by gator1743.hostgator.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1V0BGV-0003au-DT; Fri, 19 Jul 2013 09:02:35 -0500 Message-ID: <51E946FA.6010906@ieca.com> Date: Fri, 19 Jul 2013 10:02:34 -0400 From: Sean Turner User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Stephen Kent References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> <95789E5C-80B0-4307-9471-C116DB8219A5@arin.net> <51E2481E.7060103@gmail.com> <51E40536.6080808@bbn.com> In-Reply-To: <51E40536.6080808@bbn.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - gator1743.hostgator.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - ieca.com X-BWhitelist: no X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: (thunderfish.local) [74.96.0.204]:49605 X-Source-Auth: sean.turner@ieca.com X-Email-Count: 1 X-Source-Cap: ZG9tbWdyNDg7ZG9tbWdyNDg7Z2F0b3IxNzQzLmhvc3RnYXRvci5jb20= Cc: sidr@ietf.org Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Jul 2013 14:02:50 -0000 On 7/15/13 10:20 AM, Stephen Kent wrote: > I agree with John's characterization of the issue being address by this > I-D. > > I support this I-D because I don't want the lack of a simple capability > like this to > stand in the way of RPKI deployment in ARIN. +1 to supporting progression of this draft to the IESG I hate qualifiers but understand why they wan them and if this somehow slows down adopting/deployment I'm good with letting it go. spt From Sandra.Murphy@sparta.com Fri Jul 19 13:01:08 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 085DB21E808D for ; Fri, 19 Jul 2013 13:01:08 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sYq-62nd+SR0 for ; Fri, 19 Jul 2013 13:01:03 -0700 (PDT) Received: from M4.sparta.com (M4.sparta.com [157.185.61.2]) by ietfa.amsl.com (Postfix) with ESMTP id 08E5811E80F4 for ; Fri, 19 Jul 2013 13:00:55 -0700 (PDT) Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6JK0p03027519 for ; Fri, 19 Jul 2013 15:00:51 -0500 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6JK0oOh020648 for ; Fri, 19 Jul 2013 15:00:51 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Fri, 19 Jul 2013 16:00:24 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: draft-ietf-sidr-rpsl-sig - interest and help Thread-Index: AQHOhLoifxrtwNB8ykmXBZdSD5IZRw== Date: Fri, 19 Jul 2013 20:00:24 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C3A6C@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: [sidr] draft-ietf-sidr-rpsl-sig - interest and help X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Jul 2013 20:01:08 -0000 There's a draft draft-ietf-sidr-rpsl-sig that has expired. The two authors= are Robert Kisteleki of RIPE and Brian Haberman. Both were assigned new c= onsuming duties and have not had time to work on this for a while.=0A= =0A= The authors have both told me on different occasions that they still see a = need for this work and want to continue it. But the wg discussion on this = has not been energetic.=0A= =0A= They'd like to be sure the wg is still interested in this work.=0A= =0A= And I would say that they could use some editing help.=0A= =0A= Is there continuing interest in the work?=0A= Is there a volunteer to help?=0A= =0A= --Sandy, speaking as one of the co-chairs= From prvs=09133812c6=sandra.murphy@parsons.com Sat Jul 20 12:42:24 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17F6911E8116 for ; Sat, 20 Jul 2013 12:42:24 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9DFzkvDGm8dV for ; Sat, 20 Jul 2013 12:42:19 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id 3A41811E811B for ; Sat, 20 Jul 2013 12:42:18 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6KJeeDx028316 for ; Sat, 20 Jul 2013 14:42:07 -0500 Received: from m4.sparta.com (m4.sparta.com [157.185.61.2]) by txdal11mx03.parsons.com with ESMTP id 1dqkpcakrw-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT) for ; Sat, 20 Jul 2013 14:42:06 -0500 Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6KJg5AG032472 for ; Sat, 20 Jul 2013 14:42:05 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6KJg5hI006589 for ; Sat, 20 Jul 2013 14:42:05 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Sat, 20 Jul 2013 15:41:36 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: facebook RPKI announcement Thread-Index: Ac6ExWHVtVAxjEvKQHSQDiLYWkgM3Q== Date: Sat, 20 Jul 2013 19:41:35 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C3BAE@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-20_06:2013-07-19, 2013-07-20, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=8.27032886618895e-12 kscore.compositescore=0 circleOfTrustscore=47.84 compositescore=0.0466050682299926 urlsuspect_oldscore=0.466050682299926 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=5980 rbsscore=0.0466050682299926 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307200181 Subject: [sidr] facebook RPKI announcement X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Jul 2013 19:43:57 -0000 So far all I've seen is a tweet:=0A= =0A= https://twitter.com/mikjimenez/status/355350244499791873=0A= =0A= The HE site shows keys for all their prefixes, v4 and v6.=0A= =0A= --Sandy, speaking as regular ol' member= From Jac.Kloots@surfnet.nl Sun Jul 21 01:21:59 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5105521F9F13 for ; Sun, 21 Jul 2013 01:21:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.504 X-Spam-Level: X-Spam-Status: No, score=-0.504 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XQTtOZR4dOqj for ; Sun, 21 Jul 2013 01:21:54 -0700 (PDT) Received: from ms10.zimbra.surfnet.nl (ms10.zimbra.surfnet.nl [145.97.20.37]) by ietfa.amsl.com (Postfix) with ESMTP id D2C6621F9B94 for ; Sun, 21 Jul 2013 01:21:52 -0700 (PDT) Received: from localhost (localhost.localdomain [127.0.0.1]) by ms10.zimbra.surfnet.nl (Postfix) with ESMTP id AA9A87C5246A; Sun, 21 Jul 2013 10:21:51 +0200 (CEST) X-Virus-Scanned: amavisd-new at ms10.zimbra.surfnet.nl Received: from ms10.zimbra.surfnet.nl ([127.0.0.1]) by localhost (ms10.zimbra.surfnet.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vkf5hrFJRQyf; Sun, 21 Jul 2013 10:21:51 +0200 (CEST) Received: from [192.168.1.14] (095-096-137-087.static.chello.nl [95.96.137.87]) by ms10.zimbra.surfnet.nl (Postfix) with ESMTPSA id 7C5BF7C5242D; Sun, 21 Jul 2013 10:21:51 +0200 (CEST) Date: Sun, 21 Jul 2013 10:21:54 +0200 (CEST) From: Jac Kloots X-X-Sender: kloots@dhcp-194.surfnet.nl To: "Murphy, Sandra" In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749C3BAE@CVA-MB002.centreville.ads.sparta.com> Message-ID: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C3BAE@CVA-MB002.centreville.ads.sparta.com> User-Agent: Alpine 2.00 (OSX 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: "sidr@ietf.org" Subject: Re: [sidr] facebook RPKI announcement X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Jul 2013 08:21:59 -0000 On Sat, 20 Jul 2013, Murphy, Sandra wrote: > So far all I've seen is a tweet: > > https://twitter.com/mikjimenez/status/355350244499791873 > > The HE site shows keys for all their prefixes, v4 and v6. They serve as a good example for the other Alexa top500s: http://rpki.surfnet.nl/top500.php Jac -- Jac Kloots Network Services SURFnet bv From randy@psg.com Sun Jul 21 04:36:18 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E7EF21E804B for ; Sun, 21 Jul 2013 04:36:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.589 X-Spam-Level: X-Spam-Status: No, score=-2.589 tagged_above=-999 required=5 tests=[AWL=0.010, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AU09Qe-VX5sb for ; Sun, 21 Jul 2013 04:36:14 -0700 (PDT) Received: from ran.psg.com (ran.psg.com [198.180.150.18]) by ietfa.amsl.com (Postfix) with ESMTP id 2965F21F9D45 for ; Sun, 21 Jul 2013 04:36:14 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.76) (envelope-from ) id 1V0rvu-0001GR-Ew; Sun, 21 Jul 2013 11:36:10 +0000 Date: Sun, 21 Jul 2013 04:36:09 -0700 Message-ID: From: Randy Bush To: Jac Kloots In-Reply-To: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C3BAE@CVA-MB002.centreville.ads.sparta.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: sidr wg list Subject: Re: [sidr] facebook RPKI announcement X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Jul 2013 11:36:18 -0000 > http://rpki.surfnet.nl/top500.php and the cool page of the month award goes to jac! randy From hschiller@google.com Mon Jul 22 08:20:46 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4AEC21E80BC for ; Mon, 22 Jul 2013 08:20:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.977 X-Spam-Level: X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, NO_RELAYS=-0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NZeEQ2cpDkPj for ; Mon, 22 Jul 2013 08:20:41 -0700 (PDT) Received: from mail-lb0-x22a.google.com (mail-lb0-x22a.google.com [IPv6:2a00:1450:4010:c04::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 4F1DF11E8111 for ; Mon, 22 Jul 2013 08:20:40 -0700 (PDT) Received: by mail-lb0-f170.google.com with SMTP id u10so3958676lbi.15 for ; Mon, 22 Jul 2013 08:20:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=/MsDPpx/OjV665Sp5Ac7KzR5eiL10a3r0A5cnCSxMM0=; b=ZoT6PLiXji3d+ZRBosJ66TXSYJPzmwzwCjUm+vxZHDpxPFRCeBpZ0auokoG+uo289b nEhaFq0cLBQCSkMgy0oHcoh3MViyhhF7qCWbB1Q4o2B2L9WIY9fI5LbIVjy0xCPdPMq+ c3sP0KMqJ2BLALhFez9VcYmo7FO1/xZN9zF3eQrh2BUQnaw7f5gTu0wzavgs3/RrOrU9 Y7E4jBXS3iaLtI9TIHD384G3HWYA34BJQjkRAiWO2AhFI6bEtpbLDtJPsDezupF7x0XA Mlyfw6e3Tv1JzyYh5Bd9lzimhu6kKU9GhSXyVNlOhiudhtlLc6i1N26SzS+U4M0GigKI olNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=/MsDPpx/OjV665Sp5Ac7KzR5eiL10a3r0A5cnCSxMM0=; b=mTcLiJ7bEr/YRp/1MspL30Y9jHGSwuKmxfGxs1sF18yhsusD4bbcNuzGPgvzd3gmC4 kFCHDarLdXU1wzpl6YBpbgeewA0HhA46TjUzKZ5sBzj5dyOrNWWNS8xxOunVKgohQlgN zXIBzeqTdRELqkM1X+D2FnW3rc0wKjShUbAUcocY4lk9Yl9QqtFAGr+EPfS2ZhjJm0T5 En6EAB24BMgV32BNYx0YVF9DWLDGXa3Fy1SEWWP42Te0d+SwlXTHflSN/mKHBrH+1tGL YlaJfUzbJ3NukKsY3yByGAs6At26Y+LSRDJxV6visuNTckpVY5BhBhwJ4Zw5+Yyz2VOM qxyg== MIME-Version: 1.0 X-Received: by 10.152.2.201 with SMTP id 9mr12467108law.84.1374506438998; Mon, 22 Jul 2013 08:20:38 -0700 (PDT) Received: by 10.112.13.202 with HTTP; Mon, 22 Jul 2013 08:20:38 -0700 (PDT) In-Reply-To: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C3BAE@CVA-MB002.centreville.ads.sparta.com> Date: Mon, 22 Jul 2013 11:20:38 -0400 Message-ID: From: Heather Schiller To: Randy Bush Content-Type: multipart/alternative; boundary=089e013c676009d5a504e21b3897 X-Gm-Message-State: ALoCoQkuCZ+awnaiVMnBfmRyadHn6GwLVs73PZVfBcDoMJuxDm4gJYMVY8TDmsBCWJlGhONhgR39avVGtVSiWTA+Y5HKd5x7b8MLA9g3KQ2yEbPQ63VM/T4rVw7QeN3ScyNht2cakiiF5UfaES1bSvsX1isOV+WYrehb+/wsrAnaFY/dJzJc++QasGuTOY+X2IFVfFZ5qH4j Cc: sidr wg list Subject: Re: [sidr] facebook RPKI announcement X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jul 2013 15:20:47 -0000 --089e013c676009d5a504e21b3897 Content-Type: text/plain; charset=ISO-8859-1 Where is the like button!? ;-) --heather On Sun, Jul 21, 2013 at 7:36 AM, Randy Bush wrote: > > http://rpki.surfnet.nl/top500.php > > and the cool page of the month award goes to jac! > > randy > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr > --089e013c676009d5a504e21b3897 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Where is the like button!? ;-)

=A0--hea= ther


On Sun, Jul 21, 2013 at 7:36 AM, Randy Bush <randy@psg.com> w= rote:
> http://rpki.surfnet.nl/top500.php

and the cool page of the month award goes to jac!

randy
_____________________= __________________________
sidr mailing list
sidr@ietf.org
ht= tps://www.ietf.org/mailman/listinfo/sidr

--089e013c676009d5a504e21b3897-- From Jac.Kloots@surfnet.nl Mon Jul 22 09:16:00 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FAFA21E8093 for ; Mon, 22 Jul 2013 09:16:00 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.796 X-Spam-Level: X-Spam-Status: No, score=0.796 tagged_above=-999 required=5 tests=[AWL=-1.300, BAYES_50=0.001, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sAJ4neaTqAnU for ; Mon, 22 Jul 2013 09:15:55 -0700 (PDT) Received: from ms10.zimbra.surfnet.nl (ms10.zimbra.surfnet.nl [145.97.20.37]) by ietfa.amsl.com (Postfix) with ESMTP id EA79B21E80A7 for ; Mon, 22 Jul 2013 09:15:54 -0700 (PDT) Received: from localhost (localhost.localdomain [127.0.0.1]) by ms10.zimbra.surfnet.nl (Postfix) with ESMTP id 3D4217C5252D; Mon, 22 Jul 2013 18:15:53 +0200 (CEST) X-Virus-Scanned: amavisd-new at ms10.zimbra.surfnet.nl Received: from ms10.zimbra.surfnet.nl ([127.0.0.1]) by localhost (ms10.zimbra.surfnet.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6azjymRxIWUn; Mon, 22 Jul 2013 18:15:53 +0200 (CEST) Received: from [192.168.1.14] (095-096-137-087.static.chello.nl [95.96.137.87]) by ms10.zimbra.surfnet.nl (Postfix) with ESMTPSA id 0F1317C5252C; Mon, 22 Jul 2013 18:15:53 +0200 (CEST) Date: Mon, 22 Jul 2013 18:15:51 +0200 (CEST) From: Jac Kloots X-X-Sender: kloots@dhcp-194.surfnet.nl To: Heather Schiller In-Reply-To: Message-ID: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C3BAE@CVA-MB002.centreville.ads.sparta.com> User-Agent: Alpine 2.00 (OSX 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: sidr wg list Subject: Re: [sidr] facebook RPKI announcement X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jul 2013 16:16:00 -0000 On Mon, 22 Jul 2013, Heather Schiller wrote: > Where is the like button!? ;-) Will implement a like button when the number two on the list turns green too ;) Jac >>> http://rpki.surfnet.nl/top500.php >> and the cool page of the month award goes to jac! >> -- Jac Kloots Network Services SURFnet bv From achi@bbn.com Thu Jul 25 13:47:27 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2216E21F9263 for ; Thu, 25 Jul 2013 13:47:27 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.74 X-Spam-Level: X-Spam-Status: No, score=-4.74 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CMUCzoMABog for ; Thu, 25 Jul 2013 13:47:21 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id 84B7321F933B for ; Thu, 25 Jul 2013 13:47:19 -0700 (PDT) Received: from dhcp89-089-010.bbn.com ([128.89.89.10]:57661 helo=[127.0.0.1]) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from ) id 1V2SRP-000Bva-5C; Thu, 25 Jul 2013 16:47:15 -0400 Message-ID: <51F18EC3.9000207@bbn.com> Date: Thu, 25 Jul 2013 16:46:59 -0400 From: Andrew Chi User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: sidr wg , rpstir-announce@bbn.com, rpki@rpki.net Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: [sidr] RPSTIR v0.8 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jul 2013 20:47:27 -0000 Quick announcement: we've released a new version of the BBN RPKI validator, Relying Party Security Technology for Internet Routing (RPSTIR). As before, it's BSD licensed, and can be downloaded here: https://sourceforge.net/projects/rpstir/ Change Log for version 0.8: * Support Ghostbusters Records [RFC 6493]. * Fix a SQL injection bug when a filename in a manifest contains certain characters. * Fix a bug where CRLs were not being marked as invalid when their issuers became invalid and manifests were not being marked as invalid when their associated EE certificates became invalid. * Fix the query client (rpstir-query) to not consider it an error when no results are returned for a query. * Require ROA EE certificates to explicitly specify IP resources. That is, disallow RFC 3779 "inherit" bit in ROA EE certificates. * Add functionality to rpstir-results for outputting simple lists of good and bad URIs, to simplify comparison testing. * On installation, create ${bindir} if it does not already exist. * Improve README based on user feedback. We welcome feedback and bug reports at rpstir-support@bbn.com. Andrew From danny@tcb.net Thu Jul 25 14:05:57 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08AB321F864D for ; Thu, 25 Jul 2013 14:05:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -100.437 X-Spam-Level: X-Spam-Status: No, score=-100.437 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n0SIl2+mXUaO for ; Thu, 25 Jul 2013 14:05:52 -0700 (PDT) Received: from mail.friendswithtools.org (unknown [64.78.239.70]) by ietfa.amsl.com (Postfix) with ESMTP id 727B321F9302 for ; Thu, 25 Jul 2013 14:05:46 -0700 (PDT) Received: from dspam (unknown [127.0.0.1]) by mail.friendswithtools.org (Postfix) with SMTP id E0D6A300051 for ; Thu, 25 Jul 2013 21:05:45 +0000 (UTC) Received: from dul1dmcphers-m1.vcorp.ad.vrsn.com (nat1.corp-fo.iad1.verisign.com [216.168.230.7]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.friendswithtools.org (Postfix) with ESMTPSA id 89A2A300050; Thu, 25 Jul 2013 15:05:45 -0600 (MDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) From: Danny McPherson In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> Date: Thu, 25 Jul 2013 17:05:44 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: References: <24B20D14B2CD29478C8D5D6E9CBB29F6749A84D9@CVA-MB001.centreville.ads.sparta.com> To: "Murphy, Sandra" X-Mailer: Apple Mail (2.1508) X-DSPAM-Result: Innocent X-DSPAM-Processed: Thu Jul 25 15:05:45 2013 X-DSPAM-Confidence: 1.0000 X-DSPAM-Improbability: 1 in 98689409 chance of being spam X-DSPAM-Probability: 0.0023 X-DSPAM-Signature: 51f1932942078352016879 X-DSPAM-Factors: 27, 2013+at, 0.40000, not+seen, 0.40000, security+#+being, 0.40000, or+#+#+believe, 0.40000, the+#+it, 0.40000, for+wglc, 0.40000, Even+#+#+#+unusual, 0.40000, need+#+On, 0.40000, queried+#+authors, 0.40000, chairs+#+queried, 0.40000, stronger+than, 0.40000, been+#+#+draft, 0.40000, Sandra+#+#+com, 0.40000, response+#+publish, 0.40000, Url*policy, 0.40000, have+queried, 0.40000, Jul+12, 0.40000, at+#+14, 0.40000, support+the, 0.40000, This+#+#+3, 0.40000, call+#+one, 0.40000, new+version, 0.40000, Can't+#+#+#+This, 0.40000, to+#+#+draft, 0.40000, and+straightforward, 0.40000, call+#+#+#+for, 0.40000, Please+#+#+#+to, 0.40000 Cc: "sidr@ietf.org" Subject: Re: [sidr] wglc draft-ietf-sidr-policy-qualifiers-00 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jul 2013 21:05:57 -0000 I support the publication of this and understand the practical need. -danny On Jul 12, 2013, at 5:14 PM, "Murphy, Sandra" = wrote: > The chairs have queried the authors of = draft-ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI = Certificates. The response was that the draft is ready for wglc. >=20 > There was general agreement on this draft during the adoption call, = with one request for additional security considerations being addressed = in the new version. The draft is short and straightforward and the wg = has not seen fit to comment further. >=20 > Even so, it is unusual to publish a draft with so little comment = during the time it has been a wg draft. The chairs will be looking for = a stronger than usual response. Can't publish without reviews! >=20 > This starts a 3 week wglc on draft = draft-ietf-sidr-policy-qualifiers-00, Policy Qualifiers in RPKI = Certificates. Please do send comments to the list, indicating that you = do or do not believe that the draft is ready for publication. >=20 > The draft is available at = http://tools.ietf.org/html/draft-ietf-sidr-policy-qualifiers-00. >=20 > --Sandy, speaking for the co-chairs > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr >=20 From prvs=0919bc7b90=sandra.murphy@parsons.com Fri Jul 26 09:29:44 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95F6021F9A7E for ; Fri, 26 Jul 2013 09:29:44 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.499 X-Spam-Level: X-Spam-Status: No, score=-2.499 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1zmD6p8FHq+O for ; Fri, 26 Jul 2013 09:29:39 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id 6CB2821F8E70 for ; Fri, 26 Jul 2013 09:29:39 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6QGK67l017804; Fri, 26 Jul 2013 11:29:35 -0500 Received: from m4.sparta.com (m4.sparta.com [157.185.61.2]) by txdal11mx03.parsons.com with ESMTP id 1duuwtr8rw-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Fri, 26 Jul 2013 11:29:34 -0500 Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6QGTXd6006161; Fri, 26 Jul 2013 11:29:33 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6QGTSvJ010206; Fri, 26 Jul 2013 11:29:28 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Fri, 26 Jul 2013 12:28:40 -0400 From: "Murphy, Sandra" To: Tim Bruijnzeels , Stephen Kent Thread-Topic: [sidr] Erratum for RFC6486? (manifests) Thread-Index: AQHOgghlQeiQIrI2D06jymIcofxCv5lpZzCAgALQaICACv5qXQ== Date: Fri, 26 Jul 2013 16:28:40 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C7967@CVA-MB002.centreville.ads.sparta.com> References: <51E6D5FF.6030802@bbn.com>, <23E19953-DFC2-4331-B497-60BC0FFDEB37@ripe.net> In-Reply-To: <23E19953-DFC2-4331-B497-60BC0FFDEB37@ripe.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-26_07:2013-07-26, 2013-07-26, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=5.55111512312578e-17 kscore.compositescore=0 circleOfTrustscore=0.922245805066741 compositescore=0.0543551683579278 urlsuspect_oldscore=0.228934748274223 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.0543551683579278 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307260112 Cc: "sidr@ietf.org list" Subject: Re: [sidr] Erratum for RFC6486? (manifests) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jul 2013 16:29:44 -0000 >Sandy, I am not sure, but this may be short topic for=A0=0A= >one of the sessions. Especially if we want to say anything=A0=0A= >about best practices for CAs.=0A= ....=0A= >That said I think there are quite a few details left that are worth discus= sing.=0A= =0A= =0A= The conversation stopped with that, which means people lost interest, or=A0= =0A= they're waiting for the discussion.=0A= =0A= So I added it to the agenda.=0A= =0A= (And baring any response about time constraints from presenters or those in= terested in a discussion, the talks will be bound to agenda slots by Monday= .)=0A= =0A= --Sandy, speaking as co-chair=0A= =0A= =0A= ________________________________________=0A= From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Tim Bruijn= zeels [tim@ripe.net]=0A= Sent: Friday, July 19, 2013 8:34 AM=0A= To: Stephen Kent=0A= Cc: Murphy, Sandra; sidr@ietf.org list=0A= Subject: Re: [sidr] Erratum for RFC6486? (manifests)=0A= =0A= Hi Steve,=0A= =0A= I think we agree for the most part on the idea to remove the restriction fo= r single use EE certificate. To quote and answer to the end of your mail fi= rst:=0A= =0A= Sandy, I am not sure, but this may be short topic for one of the sessions. = Especially if we want to say anything about best practices for CAs.=0A= =0A= > So, while I believe that there is no need to change the 5.1 text based on= the=0A= > RP concern you cited, I support a change to that text to allow CAs more= =0A= > flexibility in managing the EE cert validity in manifests, and to remove = the=0A= > single-use vs. sequential-use EE cert distinction.=0A= >=0A= > Would you like to propose and share text for the suggested change? We may= have to=0A= > issue a new RFC, updating 6486, since this does represent a technical cha= nge to=0A= > how we say a CA should behave.=0A= =0A= I proposed to change this text in section 5.1:=0A= =0A= In the case of a "one-time-use" EE certificate, the validity=0A= times of the EE certificate MUST exactly match the thisUpdate=0A= and nextUpdate times of the manifest.=0A= =0A= In the case of a "sequential-use" EE certificate, the validity=0A= times of the EE certificate MUST encompass the time interval=0A= from thisUpdate to nextUpdate.=0A= =0A= To:=0A= =0A= The validity times of the EE certificate MUST encompass the time= =0A= interval from thisUpdate to nextUpdate.=0A= =0A= =0A= That said I think there are quite a few details left that are worth discuss= ing.=0A= =0A= =0A= > Section 5.1 of RFC 6486 is titled "Manifest Generation Procedure." This i= t is a set of directions to the CA creating the manifest, not directions to= an RP verifying a=0A= > manifest. Section 6 is the discussion of what a relying party is supposed= to do with a manifest. My quick re-read of Section 6 does not call for an = RP to check that the validity time is consistent with the single-use vs. se= quential-use EE cert criteria in 5.1. So, the primary concern you cited, i.= e., that an RP cannot know which test to apply, is not a valid=0A= > reason to change this text.=0A= =0A= Although I agree in general with the approach to "be strict in what you sen= d, and liberal in what you accept" I just found this instance confusing. It= was not 100% clear to me if I should care as an RP.=0A= =0A= In any case, I am happy to remove this check, and only care about valid, st= ale, invalid..=0A= =0A= =0A= > I agree that the invalid vs. stale disparity that arises because of the d= irections to=0A= > CAs on manifest EE cert generation is an awkward one.=0A= =0A= > Your example of a manifest with=0A= > a planned daily update, but a cert that is valid for a week, is an reason= able operational=0A= > model. If RPs continue to fetch data based on what has changed, then a ma= nifest that is=0A= > slated to change, but doesn't, doesn't impose an addition sync load. If a= n RP were to=0A= > fetch data based on when it says it will expire, then this might be less = desirable. So=0A= > we might take that into consideration when suggesting this model.=0A= =0A= =0A= As I understand there are three cases with regards to stale and invalid bas= ed on time (ignoring other cases):=0A= =0A= -1 Manifest is current=0A= =3D now is after thisUpdate and before nextUpdate &&=0A= =3D now is within EE Certificate validity time=0A= =0A= -2 Manifest is stale=0A= =3D now is after nextUpdate=0A= =3D now is within EE Certificate validity time=0A= =0A= -3 Manifest is invalid=0A= =3D now is outside of (after) EE Certificate validity time=0A= =0A= The current text allows for all three states to exist for multi-use EE cert= ificates, but only 1 and 3 can exist for single use. I want remove this res= triction, because RP treatment of "stale" is different from "invalid", and = as a CA I want to be able influence this.=0A= =0A= =0A= > If we had guidelines for best practices for pub point management, with su= ggested=0A= > rates of change, we might better understand the possible impact of this o= perational=0A= > model. For example, if the recommended frequency of CRL issuance is daily= , then the=0A= > manifest ought to change daily as well, the there's a decent chance that = the CRL and=0A= > the manifest are either both stale or current.=0A= =0A= I agree that best practices would be good, both for CA and RP.=0A= =0A= Is this something to discuss shortly?=0A= =0A= As a start=85=0A= =0A= W.r.t. RP:=0A= - I would advise against fetching new manifests based on the expiry of the= EE cert if that date is after the nextUpdate.=0A= - I would advice that RPs fetch new data at least in advance of the=0A= - I think RPs are free to poll more frequently=0A= =85.=0A= =0A= W.r.t. CAs:=0A= - I would advise to limit the nextUpdate time to a window that forms the '= optimal compromise' between:=0A= - being overrun by RPs trying to get new data=0A= - workload of generating new certificates=0A= - too slow propagation times for new products - to -router=0A= =0A= - The RIR implementations all use 24 hours I think, this seems reasonable= .=0A= =0A= - I would advise that longer EE certificate time should be used to preven= t that manifests are immediately invalid if RPs=0A= only fetch close to the nextUpdate time, and are unsuccessful for whate= ver reason=0A= =0A= Al that is best current practice for the current implementation.=0A= =0A= I think that a faster notification mechanisms and propagation times are a r= eal need expressed by operators and should be addressed in future work.=0A= =0A= Tim=0A= =0A= =0A= =0A= _______________________________________________=0A= sidr mailing list=0A= sidr@ietf.org=0A= https://www.ietf.org/mailman/listinfo/sidr=0A= From baerm@tislabs.com Fri Jul 26 10:36:53 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A46DF11E80F4 for ; Fri, 26 Jul 2013 10:36:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mwQTSIGlWceR for ; Fri, 26 Jul 2013 10:36:53 -0700 (PDT) Received: from mail.mikesoffice.com (dnsv6.mikesoffice.com [IPv6:2001:470:1f05:274::1]) by ietfa.amsl.com (Postfix) with ESMTP id B2F2011E8115 for ; Fri, 26 Jul 2013 10:36:51 -0700 (PDT) Received: from localhost (rebma.ipv6.mikesoffice.com [IPv6:2001:470:1f05:274:d69a:20ff:feb8:b0b2]) by mail.mikesoffice.com (Postfix) with ESMTPSA id 8B33561333; Fri, 26 Jul 2013 10:36:50 -0700 (PDT) From: Michael Baer To: sidr@ietf.org X-Face: "*g#dUT3; 8M9AE5dLk\\b4G\cNCQkRb.g/2QwEXQKf.: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Subject: [sidr] Error handling in bgpsec protocol draft X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Jul 2013 18:43:18 -0000 Hi All, I've been working on a implementation of BGPSEC. Recently I was looking through error handling in the BGPSEC protocol draft and also looking at the IDR draft for BGP error handling (draft-ietf-idr-error-handling-04.txt). And I think we should expand the error handling descriptions in the protocol draft. There are several errors where the error handling is pretty specific: - how to treat a confederation flag incorrectly set (same as an incorrectly received AS_CONFED_SEQUENCE), - unsupported signature (unsigned) - ROA-fail (not valid), - signature-fail (not valid) But I found some of the error handling ambiguous. In particular, section 5.2 describes that for the following errors in an UPDATE message's BGPSEC attribute: - syntactically incorrect - Does not hove a Signature segment per Secure_Path segment - UPDATE Messages also has an AS_PATH attribute - pcount=0, but peer is not expected set pcount=0 (e.g. is not expected to be a route server) That the response should be to notify the operator, and treat consistently with other BGP errors. My best guess for the proper response based on that would be to send the peer a Notification indicating an UPDATE Message Error with a sub-code of maybe 'Malformed Attribute List'? and then session-close. As I would prefer not to guess :), I think the protocol draft should have a more specific response description. After reading the IDR document, I've also been convinced that session-close is often a poor response, if it can be avoided. It describes three main responses to errors: session-close (pretty much the standard response in 4271), treat-as-withdraw, and attribute-discard (this would be equivalent to how the current BGPSEC protocol draft handles a BGPSEC attribute with unsupported signatures). My reading of RFC 4271 is that it is perfectly legal (and even suggested) that a new BGP attribute describe it's own error handling. The IDR document (if it becomes an RFC) would require a new BGP attributes to describe its error handling. So I have several suggestions for error handling of the BGPSEC attribute for: - syntactic errors - No signature per Secure_Path error - AS_path included - pcount=0 errors (and I would be willing to write text for the document if there is agreement it should be done, or at least no disagreement) - At a minimum, add an additional error sub-code indicating a Malformed BGPSEC Attribute and use that in the NOTIFICATION message / session-close response. And indicate what should be in the data field for each error. - Better would be to send the NOTIFICATION as above but treat the UPDATE as a route withdrawal for these errors (not a session-close). - Possibly add additional error sub-codes for 1+ of the errors. In particular, AS_Path inclusion could have a separate error value as it is not really a malformed BGPSEC attribute. Thoughts?/Complaints? -Mike -- Michael Baer baerm@tislabs.com Parsons - Tislabs From kent@bbn.com Mon Jul 29 01:21:15 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0969C21F9D2F for ; Mon, 29 Jul 2013 01:21:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -106.599 X-Spam-Level: X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qemo40T8hOJT for ; Mon, 29 Jul 2013 01:21:02 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id D4D7321F9D3E for ; Mon, 29 Jul 2013 01:21:00 -0700 (PDT) Received: from dommiel.bbn.com ([192.1.122.15]:55505 helo=dhcp-13ac.meeting.ietf.org) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from ) id 1V3ihI-0005fU-CX; Mon, 29 Jul 2013 04:20:52 -0400 Message-ID: <51F625E3.8060702@bbn.com> Date: Mon, 29 Jul 2013 04:20:51 -0400 From: Stephen Kent User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130107 Thunderbird/17.0.2 MIME-Version: 1.0 To: "Murphy, Sandra" References: <51E6D5FF.6030802@bbn.com>, <23E19953-DFC2-4331-B497-60BC0FFDEB37@ripe.net> <24B20D14B2CD29478C8D5D6E9CBB29F6749C7967@CVA-MB002.centreville.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749C7967@CVA-MB002.centreville.ads.sparta.com> Content-Type: text/plain; charset=Windows-1252; format=flowed Content-Transfer-Encoding: 7bit Cc: "sidr@ietf.org list" Subject: Re: [sidr] Erratum for RFC6486? (manifests) X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 08:21:15 -0000 Sandy, I think this is a good topic to cover, but I also think the doc needs to be an update, vs. an erratum. Steve From prvs=1922d2af91=sandra.murphy@parsons.com Mon Jul 29 02:46:49 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7F8E21F9B5C for ; Mon, 29 Jul 2013 02:46:49 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.562 X-Spam-Level: X-Spam-Status: No, score=-2.562 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ir8M8t00cNYS for ; Mon, 29 Jul 2013 02:46:44 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id 9A40721F96A8 for ; Mon, 29 Jul 2013 02:46:42 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6T9ejsL011049 for ; Mon, 29 Jul 2013 04:46:42 -0500 Received: from m4.sparta.com (m4.sparta.com [157.185.61.2]) by txdal11mx03.parsons.com with ESMTP id 1dwh0q12r5-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 04:46:41 -0500 Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6T9kaWC015452 for ; Mon, 29 Jul 2013 04:46:36 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6T9kaoq017971 for ; Mon, 29 Jul 2013 04:46:36 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Mon, 29 Jul 2013 05:45:40 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: presenters: send in your slides before hand! Thread-Index: Ac6MPzPvXRWZzSdkQn+JVdRspAWzew== Date: Mon, 29 Jul 2013 09:45:39 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C7EB3@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-29_01:2013-07-26, 2013-07-29, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=2 kscore.is_bulkscore=9.44022637838771e-13 kscore.compositescore=0 circleOfTrustscore=48.064 compositescore=0.0543551683579278 urlsuspect_oldscore=0.543551683579278 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.0543551683579278 spamscore=2 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307290017 Subject: [sidr] presenters: send in your slides before hand! X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 09:46:50 -0000 Presenters, be sure to get your slides to the chairs (sidr-chairs@ietf.org)= so that they can be uploaded to the materials site.=0A= =0A= Please do number your slides.=0A= =0A= All attendees, but particularly remote attendees, appreciate having numbere= d slides available before the session.=0A= =0A= For the Wed session, please send slides to the chairs by the start of sessi= ons Wed morning.=0A= =0A= For the Fri session, please send slides to the chairs by Thu evening.=0A= =0A= --Sandy, speaking as one of the co-chairs= From prvs=1922d2af91=sandra.murphy@parsons.com Mon Jul 29 07:25:59 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8FFC21F9C7E for ; Mon, 29 Jul 2013 07:25:57 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.579 X-Spam-Level: X-Spam-Status: No, score=-2.579 tagged_above=-999 required=5 tests=[AWL=0.020, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8BJmjdLYY-dL for ; Mon, 29 Jul 2013 07:25:52 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id 77EB121F999A for ; Mon, 29 Jul 2013 07:25:47 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6TEPiGW024857 for ; Mon, 29 Jul 2013 09:25:46 -0500 Received: from uther.sparta.com (uther.sparta.com [157.185.0.2]) by txdal11mx03.parsons.com with ESMTP id 1dwqqf8vq6-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT) for ; Mon, 29 Jul 2013 09:25:45 -0500 Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6TEPSoj001521 for ; Mon, 29 Jul 2013 07:25:28 -0700 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6TEPSxf024476 for ; Mon, 29 Jul 2013 07:25:28 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Mon, 29 Jul 2013 10:24:31 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: WGLC on draft-ietf-sidr-rpki-rtr-impl-01 Thread-Index: Ac18mPOGHW8RHAApQbyV52bpT9uaK0PzCh0l Date: Mon, 29 Jul 2013 14:24:31 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C8050@CVA-MB002.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F625F61435@Hermes.columbia.ads.sparta.com> In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F625F61435@Hermes.columbia.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-29_02:2013-07-29, 2013-07-29, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=1.37850841852583e-12 kscore.compositescore=0 circleOfTrustscore=48.064 compositescore=0.0616162242266031 urlsuspect_oldscore=0.616162242266031 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.0616162242266031 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307290055 Subject: Re: [sidr] WGLC on draft-ietf-sidr-rpki-rtr-impl-01 X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 14:25:59 -0000 The response to this wglc was quite small, though positive.=0A= =0A= This draft is a survey of existing implementations, so not a document subje= ct to much dispute. The working group chairs have read the document and ar= e satisfied as to its readiness for publication.=0A= =0A= An implementation report is one of the progress requirements for protocols = in the Standards track.=0A= =0A= A publication request will be sent as soon as the authors have replied to t= he required confirmation of IPR disclosure.=0A= =0A= --Sandy, speaking as co-chair=0A= =0A= ________________________________________=0A= From: sidr-bounces@ietf.org [sidr-bounces@ietf.org] on behalf of Murphy, Sa= ndra [Sandra.Murphy@sparta.com]=0A= Sent: Friday, August 17, 2012 12:58 PM=0A= To: sidr@ietf.org=0A= Subject: [sidr] WGLC on draft-ietf-sidr-rpki-rtr-impl-01=0A= =0A= The authors believe that the draft is ready for publication. This announce= s a two week last call. The WGLC will end 31 Aug 2012.=0A= =0A= Please report to the list whether you support publication of this draft or = not.=0A= =0A= The draft is available at=0A= http://tools.ietf.org/html/draft-ietf-sidr-rpki-rtr-impl-01=0A= =0A= The abstract says:=0A= =0A= This document provides an implementation report for RPKI Router=0A= protocol as defined in [I-D.ietf-sidr-rpki-rtr]. The editor did not=0A= verify the accuracy of the information provided by respondents or by=0A= any alternative means. The respondents are experts with the=0A= implementations they reported on, and their responses are considered=0A= authoritative for the implementations for which their responses=0A= represent. Respondents were asked to only use the YES answer if the=0A= feature had at least been tested in the lab.=0A= =0A= =0A= =0A= --Sandy, speaking as wg co-chair=0A= _______________________________________________=0A= sidr mailing list=0A= sidr@ietf.org=0A= https://www.ietf.org/mailman/listinfo/sidr=0A= From prvs=1922d2af91=sandra.murphy@parsons.com Mon Jul 29 07:27:17 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F8DF21F9C7E for ; Mon, 29 Jul 2013 07:27:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.58 X-Spam-Level: X-Spam-Status: No, score=-2.58 tagged_above=-999 required=5 tests=[AWL=0.019, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5ZOgv+AOZ7Qq for ; Mon, 29 Jul 2013 07:27:10 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id 0336D21E804C for ; Mon, 29 Jul 2013 07:27:05 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6TEPiGf024857; Mon, 29 Jul 2013 09:27:04 -0500 Received: from m4.sparta.com (m4.sparta.com [157.185.61.2]) by txdal11mx03.parsons.com with ESMTP id 1dwqqf8w0s-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Mon, 29 Jul 2013 09:27:04 -0500 Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6TER3Bf016933; Mon, 29 Jul 2013 09:27:03 -0500 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6TER3Za024853; Mon, 29 Jul 2013 09:27:03 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Mon, 29 Jul 2013 10:26:07 -0400 From: "Murphy, Sandra" To: "draft-ietf-sidr-rpki-rtr-impl@tools.ietf.org" Thread-Topic: confirmation requested of IPR disclosure Thread-Index: Ac6MZTnDqgdQ4Q2NRpCZpDE3AV9b1g== Date: Mon, 29 Jul 2013 14:26:06 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C805D@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-29_02:2013-07-29, 2013-07-29, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=1.61598512349315e-12 kscore.compositescore=0 circleOfTrustscore=48.064 compositescore=0.0468750453387092 urlsuspect_oldscore=0.468750453387092 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.0468750453387092 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307290055 Cc: "sidr@ietf.org" Subject: [sidr] confirmation requested of IPR disclosure X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 14:27:18 -0000 The shepherding writeup requires answers from each and every draft author c= onfirming that any IPR has been disclosed. The request for publication wil= l not be made until the answers are received.=0A= =0A= (7) Has each author confirmed that any and all appropriate IPR=0A= disclosures required for full conformance with the provisions of BCP 7= 8=0A= and BCP 79 have already been filed. If not, explain why.=0A= =0A= Please do reply to this message as soon as possible=0A= =0A= =0A= --Sandy, speaking as wg co-chair=0A= From sra@hactrn.net Mon Jul 29 07:52:07 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7ADC11E80E6 for ; Mon, 29 Jul 2013 07:52:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EcXGx6Ov-B9x for ; Mon, 29 Jul 2013 07:52:01 -0700 (PDT) Received: from cyteen.hactrn.net (cyteen.hactrn.net [66.92.66.68]) by ietfa.amsl.com (Postfix) with ESMTP id 7C5B521F997B for ; Mon, 29 Jul 2013 07:51:45 -0700 (PDT) Received: from thrintun.hactrn.net (thrintun.hactrn.net [IPv6:2002:425c:4242:0:219:d1ff:fe12:5d30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "thrintun.hactrn.net", Issuer "Grunchweather Associates" (verified OK)) by cyteen.hactrn.net (Postfix) with ESMTPS id 90F9A73045; Mon, 29 Jul 2013 14:51:39 +0000 (UTC) Received: from thrintun.hactrn.net (localhost [IPv6:::1]) by thrintun.hactrn.net (Postfix) with ESMTP id 302B7170D4; Mon, 29 Jul 2013 10:51:39 -0400 (EDT) Date: Mon, 29 Jul 2013 10:51:39 -0400 From: Rob Austein To: "Murphy, Sandra" In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749C805D@CVA-MB002.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C805D@CVA-MB002.centreville.ads.sparta.com> User-Agent: Wanderlust/2.14.0 (Africa) Emacs/23.4 Mule/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka") Content-Type: text/plain; charset=US-ASCII Message-Id: <20130729145139.302B7170D4@thrintun.hactrn.net> Cc: draft-ietf-sidr-rpki-rtr-impl@tools.ietf.org, sidr@ietf.org Subject: Re: [sidr] confirmation requested of IPR disclosure X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 14:52:07 -0000 At Mon, 29 Jul 2013 14:26:06 +0000, Sandy Murphy wrote: > > The shepherding writeup requires answers from each and every draft > author confirming that any IPR has been disclosed. The request for > publication will not be made until the answers are received. > > (7) Has each author confirmed that any and all appropriate IPR > disclosures required for full conformance with the provisions of BCP 78 > and BCP 79 have already been filed. If not, explain why. > > Please do reply to this message as soon as possible Good freaking gods. Public oaths required before RFC publication now? Somebody please lock up the lawyers. To the best of my knowledge, I hold no IPR in need of disclosure with respect to in any contribution I might have made to this I-D. If any such IPR were to exist, which I doubt, the contract under which I did this work would require me to make said hypothetical IPR freely available under BSD license. From christopher.morrow@gmail.com Mon Jul 29 08:00:53 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58EC021F9C05 for ; Mon, 29 Jul 2013 08:00:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.6 X-Spam-Level: X-Spam-Status: No, score=-102.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2I-ry-8tk9Mm for ; Mon, 29 Jul 2013 08:00:52 -0700 (PDT) Received: from mail-lb0-x230.google.com (mail-lb0-x230.google.com [IPv6:2a00:1450:4010:c04::230]) by ietfa.amsl.com (Postfix) with ESMTP id 3F13921F9AC1 for ; Mon, 29 Jul 2013 08:00:39 -0700 (PDT) Received: by mail-lb0-f176.google.com with SMTP id w10so2069584lbi.21 for ; Mon, 29 Jul 2013 08:00:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=CS5jTR8E/jZEoe3VQOOp8zEYpePGAsZa9ziwEoa37kc=; b=ax8vfRTPfhnugHd+2NfuI3F4WtkYD4NP4Yg/kQQtqe+t05uTQ8OpF++PodxwaI+n8t Dp4XnsKtQoop9/xiCf4u5YwlGwmggSyB6uyzywLZiwSc7yLMuK3okEpx/0kMP4gJQPmn +Wv0c76pM8mQR9uzFdgkTHcJNuoZkU+vA3D3kFWcMoa/WdBjRYQFReyHdkfuczLic5B7 advETlBhzvZ8hKmm24D8sA/XxiTdQX8ygFA7N4drKMUwCalfDD88XDviWnqlCE2Oy0FG 21kXsGlduThzeyzm4mkZDQm+JqoMtJrWguVkLJfau97g2iBOiSh3WsP6q8l8j2IDrh0F BTQg== MIME-Version: 1.0 X-Received: by 10.112.55.140 with SMTP id s12mr13967180lbp.42.1375110038349; Mon, 29 Jul 2013 08:00:38 -0700 (PDT) Sender: christopher.morrow@gmail.com Received: by 10.152.22.196 with HTTP; Mon, 29 Jul 2013 08:00:38 -0700 (PDT) In-Reply-To: <20130729145139.302B7170D4@thrintun.hactrn.net> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C805D@CVA-MB002.centreville.ads.sparta.com> <20130729145139.302B7170D4@thrintun.hactrn.net> Date: Mon, 29 Jul 2013 11:00:38 -0400 X-Google-Sender-Auth: LM2Lp-EKhYEjIbJfCIm_2wngKqg Message-ID: From: Christopher Morrow To: Rob Austein Content-Type: text/plain; charset=ISO-8859-1 Cc: draft-ietf-sidr-rpki-rtr-impl@tools.ietf.org, "sidr@ietf.org" Subject: Re: [sidr] confirmation requested of IPR disclosure X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 15:00:54 -0000 On Mon, Jul 29, 2013 at 10:51 AM, Rob Austein wrote: > At Mon, 29 Jul 2013 14:26:06 +0000, Sandy Murphy wrote: >> >> The shepherding writeup requires answers from each and every draft >> author confirming that any IPR has been disclosed. The request for >> publication will not be made until the answers are received. >> >> (7) Has each author confirmed that any and all appropriate IPR >> disclosures required for full conformance with the provisions of BCP 78 >> and BCP 79 have already been filed. If not, explain why. >> >> Please do reply to this message as soon as possible > > Good freaking gods. Public oaths required before RFC publication now? > Somebody please lock up the lawyers. it's good times, right? I think this comes from the friendly iesg-ish folk wanting to avoid IPR stuff at the 11:59 mark of a review/publication :( > To the best of my knowledge, I hold no IPR in need of disclosure with > respect to in any contribution I might have made to this I-D. > > If any such IPR were to exist, which I doubt, the contract under which > I did this work would require me to make said hypothetical IPR freely > available under BSD license. thanks! From randy@psg.com Mon Jul 29 08:36:55 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85B7311E8109 for ; Mon, 29 Jul 2013 08:36:52 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.462 X-Spam-Level: X-Spam-Status: No, score=-2.462 tagged_above=-999 required=5 tests=[AWL=0.137, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xsBGc6i0OAmw for ; Mon, 29 Jul 2013 08:36:46 -0700 (PDT) Received: from ran.psg.com (ran.psg.com [198.180.150.18]) by ietfa.amsl.com (Postfix) with ESMTP id A749611E8102 for ; Mon, 29 Jul 2013 08:36:39 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.76) (envelope-from ) id 1V3pUu-0001dr-Oo; Mon, 29 Jul 2013 15:36:32 +0000 Date: Mon, 29 Jul 2013 17:36:32 +0200 Message-ID: From: Randy Bush To: "Murphy, Sandra" In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749C805D@CVA-MB002.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C805D@CVA-MB002.centreville.ads.sparta.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: "draft-ietf-sidr-rpki-rtr-impl@tools.ietf.org" , "sidr@ietf.org" Subject: Re: [sidr] confirmation requested of IPR disclosure X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 15:36:56 -0000 > (7) Has each author confirmed that any and all appropriate IPR > disclosures required for full conformance with the provisions of BCP 78 > and BCP 79 have already been filed. If not, explain why. i have no idea what other authors have done. i am unaware of any ipr in this draft. randy From internet-drafts@ietf.org Mon Jul 29 12:17:54 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 737F111E812A; Mon, 29 Jul 2013 12:17:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.517 X-Spam-Level: X-Spam-Status: No, score=-102.517 tagged_above=-999 required=5 tests=[AWL=0.083, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tRnZu3Sjh3h0; Mon, 29 Jul 2013 12:17:51 -0700 (PDT) Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 91FED21E808F; Mon, 29 Jul 2013 12:17:47 -0700 (PDT) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: internet-drafts@ietf.org To: i-d-announce@ietf.org X-Test-IDTracker: no X-IETF-IDTracker: 4.60p1 Message-ID: <20130729191745.30411.49046.idtracker@ietfa.amsl.com> Date: Mon, 29 Jul 2013 12:17:45 -0700 Cc: sidr@ietf.org Subject: [sidr] I-D Action: draft-ietf-sidr-cps-02.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 19:17:55 -0000 A New Internet-Draft is available from the on-line Internet-Drafts director= ies. This draft is a work item of the Secure Inter-Domain Routing Working Group= of the IETF. Title : Template for a Certification Practice Statement (CPS) fo= r the Resource PKI (RPKI) Author(s) : BBN Technologies Filename : draft-ietf-sidr-cps-02.txt Pages : 43 Date : 2013-07-29 Abstract: This document contains a template to be used for creating a Certification Practice Statement (CPS) for an Organization that is part of the Resource Public Key Infrastructure (RPKI), e.g., a resource allocation registry or an ISP. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-ietf-sidr-cps There's also a htmlized version available at: http://tools.ietf.org/html/draft-ietf-sidr-cps-02 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=3Ddraft-ietf-sidr-cps-02 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ From kseo@bbn.com Mon Jul 29 12:59:44 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7685111E8133 for ; Mon, 29 Jul 2013 12:59:43 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TvY9FQVKpodX for ; Mon, 29 Jul 2013 12:59:34 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 657F811E8127 for ; Mon, 29 Jul 2013 12:59:34 -0700 (PDT) Received: from dhcp89-089-042.bbn.com ([128.89.89.42]:56326) by smtp.bbn.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from ) id 1V3tbR-000G7z-12 for sidr@ietf.org; Mon, 29 Jul 2013 15:59:33 -0400 Message-ID: <51F6C9A4.10302@bbn.com> Date: Mon, 29 Jul 2013 15:59:32 -0400 From: Karen Seo User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:14.0) Gecko/20120713 Thunderbird/14.0 MIME-Version: 1.0 To: sidr@ietf.org Content-Type: multipart/alternative; boundary="------------010605040803010107070404" Subject: Re: [sidr] I-D Action: draft-ietf-sidr-cps-02.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 19:59:44 -0000 This is a multi-part message in MIME format. --------------010605040803010107070404 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Folks, Apologies for the delay, I just submitted the revised CPS draft. It contains the edits discussed on the list to address the WGLC feedback from Terry Manderson, Sean Turner, and David Mandelberg, plus some corrections to the references (per IDnits). Also, I just noticed a couple of typos which I'll fix later after the SIDR sessions (in case there are other changes to be made). 3.1.6. Rrademarks --> Trademarks 4.4.3 Need a blank line before this section (Sean, Per your suggestion, I moved the "Conventions Used" section into the main text but put it before Section 1 rather than at the end of Section 1 since it didn't seem to fit into the 3647 template.) Thank you, Karen --------------010605040803010107070404 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Folks,

Apologies for the delay, I just submitted the revised CPS draft.  It contains the edits discussed on the list to address the WGLC feedback from Terry Manderson, Sean Turner, and David Mandelberg, plus some corrections to the references (per IDnits).   Also, I just noticed a couple of typos which I'll fix later after the SIDR sessions (in case there are other changes to be made).
3.1.6. Rrademarks --> Trademarks
4.4.3 Need a blank line before this section
(Sean, Per your suggestion, I moved the "Conventions Used" section into the main text but put it before Section 1 rather than at the end of Section 1 since it didn't seem to fit into the 3647 template.)

Thank you,
Karen
--------------010605040803010107070404-- From keyupate@cisco.com Mon Jul 29 13:19:26 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B10F221F99A6 for ; Mon, 29 Jul 2013 13:19:25 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -10.599 X-Spam-Level: X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mjXI1yJhdxNh for ; Mon, 29 Jul 2013 13:19:14 -0700 (PDT) Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) by ietfa.amsl.com (Postfix) with ESMTP id C49C921F99A8 for ; Mon, 29 Jul 2013 13:19:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1120; q=dns/txt; s=iport; t=1375129153; x=1376338753; h=from:to:cc:subject:date:message-id:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=ZoLMwPHK+H64ZOluhe+d8wGFhkAHNO5zfw1eR9bfvbI=; b=i8wGTgWS06cX8b87q0mKIeQd1bMRw/RdieiAmIUI6HFQ0150+QJ+nqn1 o3luwADFl+OipLjPru/f3Zs2/12Hw3CENpVrj+X034b+ipkjeBZZqMo3o 9X+0RWKXUX3oD5cyKpGlluGEGNqOMDRyDyDeqDwp5oFC2Ar4EgpyACLA8 c=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AggFAJDN9lGtJV2d/2dsb2JhbABbgwaBBb1hgRoWdIIkAQEBBDo/EgEIDgoKFEIlAgQOBQiICLh7j0wxB4MYbwOpK4MUgio X-IronPort-AV: E=Sophos;i="4.89,772,1367971200"; d="scan'208";a="240965356" Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-7.cisco.com with ESMTP; 29 Jul 2013 20:19:13 +0000 Received: from xhc-rcd-x06.cisco.com (xhc-rcd-x06.cisco.com [173.37.183.80]) by rcdn-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id r6TKJDDL003894 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 29 Jul 2013 20:19:13 GMT Received: from xmb-aln-x09.cisco.com ([169.254.4.8]) by xhc-rcd-x06.cisco.com ([173.37.183.80]) with mapi id 14.02.0318.004; Mon, 29 Jul 2013 15:19:12 -0500 From: "Keyur Patel (keyupate)" To: Rob Austein , "Murphy, Sandra" Thread-Topic: confirmation requested of IPR disclosure Thread-Index: AQHOjJjjqHA0+dDuBEu2hBSA4+BTXg== Date: Mon, 29 Jul 2013 20:19:12 +0000 Message-ID: <4931A85EED76CA48BD52F2D94E7FAB0E0889996D@xmb-aln-x09.cisco.com> In-Reply-To: <20130729145139.302B7170D4@thrintun.hactrn.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.13.0.110805 x-originating-ip: [10.21.87.193] Content-Type: text/plain; charset="us-ascii" Content-ID: <9B2E578A7AE5BE4CADA62A77E39B0A94@emea.cisco.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "draft-ietf-sidr-rpki-rtr-impl@tools.ietf.org" , "sidr@ietf.org" Subject: Re: [sidr] confirmation requested of IPR disclosure X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 20:19:26 -0000 I am unaware of any ipr in this draft. Regards, Keyur On 7/29/13 7:51 AM, "Rob Austein" wrote: >At Mon, 29 Jul 2013 14:26:06 +0000, Sandy Murphy wrote: >>=20 >> The shepherding writeup requires answers from each and every draft >> author confirming that any IPR has been disclosed. The request for >> publication will not be made until the answers are received. >>=20 >> (7) Has each author confirmed that any and all appropriate IPR >> disclosures required for full conformance with the provisions of >>BCP 78 >> and BCP 79 have already been filed. If not, explain why. >>=20 >> Please do reply to this message as soon as possible > >Good freaking gods. Public oaths required before RFC publication now? >Somebody please lock up the lawyers. > >To the best of my knowledge, I hold no IPR in need of disclosure with >respect to in any contribution I might have made to this I-D. > >If any such IPR were to exist, which I doubt, the contract under which >I did this work would require me to make said hypothetical IPR freely >available under BSD license. From kseo@bbn.com Mon Jul 29 13:27:36 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAD7B21E809A for ; Mon, 29 Jul 2013 13:27:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.598 X-Spam-Level: X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uQAuEo723KzR for ; Mon, 29 Jul 2013 13:27:30 -0700 (PDT) Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id B5D7521E808F for ; Mon, 29 Jul 2013 13:27:30 -0700 (PDT) Received: from dhcp89-089-042.bbn.com ([128.89.89.42]:56348) by smtp.bbn.com with esmtps (TLSv1:CAMELLIA256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from ) id 1V3u2R-000B1K-Ux for sidr@ietf.org; Mon, 29 Jul 2013 16:27:28 -0400 Message-ID: <51F6D02F.1000505@bbn.com> Date: Mon, 29 Jul 2013 16:27:27 -0400 From: Karen Seo User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:14.0) Gecko/20120713 Thunderbird/14.0 MIME-Version: 1.0 To: sidr@ietf.org Content-Type: multipart/alternative; boundary="------------090201070503090507010702" Subject: Re: [sidr] I-D Action: draft-ietf-sidr-cps-02.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 20:27:36 -0000 This is a multi-part message in MIME format. --------------090201070503090507010702 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Folks, By the way, there's still the following issue to which I don't recall seeing a conclusion... Sean said "wfm" but I didn't see a decision between the two options below. From Sean Turner... b) draft-ietf-sidr-rtr-keying allows operators sign the private keys they generate ans subsequently send back to the router. Should this be explicitly called out in s4.5.1. For s.4.5.2, is the returned signed-key an RPKI-Signed Object? We could update the CPS with a pointer to rtr-keying when it is published. It would be a very minor update, as an informational reference. If the chairs prefer, we can add a reference to the I-D, and have this doc held in the RFC Editor's queue waiting for that doc to be approved. Karen --------------090201070503090507010702 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Folks,

By the way, there's still the following issue to which I don't recall seeing a conclusion... Sean said "wfm" but I didn't see a decision between the two options below.
From Sean Turner...

b) draft-ietf-sidr-rtr-keying allows operators sign the private keys they generate ans subsequently send back to the router.  Should this be explicitly called out in s4.5.1.  For s.4.5.2, is the returned signed-key an RPKI-Signed Object?
We could update the CPS with a pointer to rtr-keying when it is published. It would be a very minor update, as an informational reference. If the chairs prefer, we can add a reference to the I-D, and have this doc held in the RFC Editor's queue waiting for that doc to be approved.
Karen
--------------090201070503090507010702-- From aservin@lacnic.net Tue Jul 30 00:50:06 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7074421F9E36 for ; Tue, 30 Jul 2013 00:50:06 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.6 X-Spam-Level: X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VWThVHGBFP2e for ; Tue, 30 Jul 2013 00:50:06 -0700 (PDT) Received: from mail.lacnic.net.uy (mail.lacnic.net.uy [IPv6:2001:13c7:7001:4000::3]) by ietfa.amsl.com (Postfix) with ESMTP id AFADC21F9E35 for ; Tue, 30 Jul 2013 00:50:04 -0700 (PDT) Received: from Arturos-MacBook-Pro.local (unknown [IPv6:2001:df8:0:16:55a5:2b76:65f9:9f6a]) by mail.lacnic.net.uy (Postfix) with ESMTP id 8D3F5308427 for ; Tue, 30 Jul 2013 04:49:40 -0300 (UYT) Message-ID: <51F77028.4060405@lacnic.net> Date: Tue, 30 Jul 2013 09:50:00 +0200 From: Arturo Servin Organization: LACNIC User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: sidr@ietf.org References: <51F6D02F.1000505@bbn.com> In-Reply-To: <51F6D02F.1000505@bbn.com> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-LACNIC.uy-MailScanner-Information: Please contact the ISP for more information X-LACNIC.uy-MailScanner: Found to be clean X-LACNIC.uy-MailScanner-SpamCheck: X-LACNIC.uy-MailScanner-From: aservin@lacnic.net Subject: Re: [sidr] I-D Action: draft-ietf-sidr-cps-02.txt X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 07:50:06 -0000 I would prefer to update the CPS when rtr-keying is done and to move draft-ietf-sidr-cps-02 forward now. Regards, as On 7/29/13 10:27 PM, Karen Seo wrote: > Folks, > > By the way, there's still the following issue to which I don't recall > seeing a conclusion... Sean said "wfm" but I didn't see a decision > between the two options below. > > From Sean Turner... > > b) draft-ietf-sidr-rtr-keying allows operators sign the private keys > they generate ans subsequently send back to the router. Should this > be explicitly called out in s4.5.1. For s.4.5.2, is the returned > signed-key an RPKI-Signed Object? > > We could update the CPS with a pointer to rtr-keying when it is > published. It would be a very minor update, as an informational > reference. If the chairs prefer, we can add a reference to the > I-D, and have this doc held in the RFC Editor's queue waiting > for that doc to be approved. > > Karen > > > _______________________________________________ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr > From stbryant@cisco.com Tue Jul 30 01:13:52 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D012D21E8091 for ; Tue, 30 Jul 2013 01:13:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -110.339 X-Spam-Level: X-Spam-Status: No, score=-110.339 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id isYQwRALXLB9 for ; Tue, 30 Jul 2013 01:13:45 -0700 (PDT) Received: from ams-iport-3.cisco.com (ams-iport-3.cisco.com [144.254.224.146]) by ietfa.amsl.com (Postfix) with ESMTP id E942221E80BD for ; Tue, 30 Jul 2013 01:13:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1364; q=dns/txt; s=iport; t=1375172024; x=1376381624; h=message-id:date:from:reply-to:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=UrBstPURu/tuYyhgvJLrA+gyV5NcwMB8oPQBXqG5WtY=; b=GCayxbXI+djt3ftZCm7grXKv/xJC0hJRq6IxH7Ya0zf8I2gpoBxzxQ0Y FpMxWcVNYoNtrqi9HpHVnPQn7OpWIgPppZXK4xqGa1n0cLB2wewQfyaD2 yQqhzDLGju8LkN3xTtJ2qSDAVDEW+SZtxQk8eb2DQji9+CdqUoTSs0183 E=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AgEFAG1191GQ/khN/2dsb2JhbABbgwa/E4EbFnSCJAEBAQQ4QAEQCxgJFg8JAwIBAgFFBg0BBQIBAYgMuQePfgeEBwOXX5FMgxU X-IronPort-AV: E=Sophos;i="4.89,729,1367971200"; d="scan'208";a="16139254" Received: from ams-core-4.cisco.com ([144.254.72.77]) by ams-iport-3.cisco.com with ESMTP; 30 Jul 2013 08:13:40 +0000 Received: from cisco.com (mrwint.cisco.com [64.103.70.36]) by ams-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id r6U8Dc0H022482 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 30 Jul 2013 08:13:38 GMT Received: from [IPv6:::1] (localhost [127.0.0.1]) by cisco.com (8.14.4+Sun/8.8.8) with ESMTP id r6U8Dbor018001; Tue, 30 Jul 2013 09:13:37 +0100 (BST) Message-ID: <51F775B1.1030904@cisco.com> Date: Tue, 30 Jul 2013 09:13:37 +0100 From: Stewart Bryant User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Christopher Morrow References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C805D@CVA-MB002.centreville.ads.sparta.com> <20130729145139.302B7170D4@thrintun.hactrn.net> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: draft-ietf-sidr-rpki-rtr-impl@tools.ietf.org, Rob Austein , "sidr@ietf.org" Subject: Re: [sidr] confirmation requested of IPR disclosure X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: stbryant@cisco.com List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 08:13:52 -0000 On 29/07/2013 16:00, Christopher Morrow wrote: > On Mon, Jul 29, 2013 at 10:51 AM, Rob Austein wrote: >> At Mon, 29 Jul 2013 14:26:06 +0000, Sandy Murphy wrote: >>> The shepherding writeup requires answers from each and every draft >>> author confirming that any IPR has been disclosed. The request for >>> publication will not be made until the answers are received. >>> >>> (7) Has each author confirmed that any and all appropriate IPR >>> disclosures required for full conformance with the provisions of BCP 78 >>> and BCP 79 have already been filed. If not, explain why. >>> >>> Please do reply to this message as soon as possible >> Good freaking gods. Public oaths required before RFC publication now? >> Somebody please lock up the lawyers. > it's good times, right? > > I think this comes from the friendly iesg-ish folk wanting to avoid > IPR stuff at the 11:59 mark of a review/publication :( Or at 13:01, which is problematic for all involved. There have been an increasing number of late IPR filing across the IETF and it's in everyone's interests that this is avoided. For most people the answer is a straight forward "I am unaware..." but across the area as a whole there are occasional responses that are of the form "ah, sorry, need to talk to our legal department....". Stewart From prvs=1923610b36=sandra.murphy@parsons.com Tue Jul 30 04:21:49 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADAEF11E81C4 for ; Tue, 30 Jul 2013 04:21:45 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.583 X-Spam-Level: X-Spam-Status: No, score=-2.583 tagged_above=-999 required=5 tests=[AWL=0.016, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wcsJSAXrdeMG for ; Tue, 30 Jul 2013 04:21:34 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id F2F7021E80BF for ; Tue, 30 Jul 2013 04:21:32 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6UBJu3E025477 for ; Tue, 30 Jul 2013 06:21:32 -0500 Received: from uther.sparta.com (uther.sparta.com [157.185.0.2]) by txdal11mx03.parsons.com with ESMTP id 1dx7jnh376-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT) for ; Tue, 30 Jul 2013 06:21:32 -0500 Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6UBLKwA009526 for ; Tue, 30 Jul 2013 04:21:20 -0700 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6UBLJCs002827 for ; Tue, 30 Jul 2013 04:21:20 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Tue, 30 Jul 2013 07:20:20 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: minutes and jabber scribe voluntters Thread-Index: Ac6NFsZoX5LbQs5ETmWGOIlIjONm3Q== Date: Tue, 30 Jul 2013 11:20:19 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C88FD@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-30_05:2013-07-30, 2013-07-30, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=0 kscore.compositescore=0 circleOfTrustscore=48.064 compositescore=0.0616162242266031 urlsuspect_oldscore=0.616162242266031 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=1 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.0616162242266031 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307300046 Subject: [sidr] minutes and jabber scribe voluntters X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 11:21:51 -0000 We need volunteers for minute taker and jabber scribe for the sessions this= week, Wednesday (tomorrow) and Friday.=0A= =0A= Note for minute taking - the etherpad application can make this a collabora= tive effort. So people can fill in when the minute taker goes to the mike = or misses a commenter's name and so forth.=0A= =0A= --Sandy= From prvs=1923610b36=sandra.murphy@parsons.com Tue Jul 30 07:22:18 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8842321F9BFF for ; Tue, 30 Jul 2013 07:22:17 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.575 X-Spam-Level: X-Spam-Status: No, score=-2.575 tagged_above=-999 required=5 tests=[AWL=0.024, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4G0cUC1gfGns for ; Tue, 30 Jul 2013 07:22:10 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id D23D021F9971 for ; Tue, 30 Jul 2013 07:21:10 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6UEFT46008828 for ; Tue, 30 Jul 2013 09:20:54 -0500 Received: from m4.sparta.com (m4.sparta.com [157.185.61.2]) by txdal11mx03.parsons.com with ESMTP id 1dxcrt0v4a-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT) for ; Tue, 30 Jul 2013 09:20:54 -0500 Received: from Beta5.sparta.com ([10.62.8.21]) by M4.sparta.com (8.14.4/8.14.4) with ESMTP id r6UEKrrS023092 for ; Tue, 30 Jul 2013 09:20:53 -0500 Received: from CVA-HUB001.centreville.ads.sparta.com ([10.62.108.11]) by Beta5.sparta.com (8.13.8/8.13.8) with ESMTP id r6UEKlcV024166 for ; Tue, 30 Jul 2013 09:20:47 -0500 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB001.centreville.ads.sparta.com ([fe80::8ca8:7aea:3db9:1972%11]) with mapi id 14.02.0342.003; Tue, 30 Jul 2013 10:19:48 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: draft-ietf-sidr-origin-ops Thread-Index: Ac6NGr1s62cs3ujVT6+FLpdzwlZoPA== Date: Tue, 30 Jul 2013 14:19:48 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C8A38@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-30_05:2013-07-30, 2013-07-30, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=6.26926288660457e-12 kscore.compositescore=0 circleOfTrustscore=48.064 compositescore=0.0543551683579278 urlsuspect_oldscore=0.543551683579278 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.0543551683579278 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307300083 Subject: [sidr] draft-ietf-sidr-origin-ops X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:22:18 -0000 A new version of draft-ietf-sidr-origin-ops was submitted several months ag= o.=0A= =0A= The co-chairs are satisfied that the draft captures wg consensus and public= ation will be requested.=0A= =0A= There was one comment during the wglc http://www.ietf.org/mail-archive/web/= sidr/current/msg05002.html that requested significant expansion of the text= , to include intuition, explanations, justification, rationale, benefits, t= radeoffs, etc., and for detailed examples and a strawman example as an expo= sitory device.=0A= =0A= The chairs judgement of the wg discussion of the draft is that the wg did n= ot intend that the draft provide this level of tutorial and education.=0A= =0A= Perhaps such a tutorial would be useful and of interest to the wg. The com= menter (and/or like minded wg members) could begin work on that.=0A= =0A= The publication request will be made in two weeks, baring objections.=0A= =0A= --Sandy= From prvs=1923610b36=sandra.murphy@parsons.com Tue Jul 30 07:30:31 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 782F921E8101 for ; Tue, 30 Jul 2013 07:30:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.576 X-Spam-Level: X-Spam-Status: No, score=-2.576 tagged_above=-999 required=5 tests=[AWL=0.023, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KnF7we0ecUoM for ; Tue, 30 Jul 2013 07:30:25 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id D21EA21E8113 for ; Tue, 30 Jul 2013 07:28:53 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6UEPSZ3019194 for ; Tue, 30 Jul 2013 09:28:49 -0500 Received: from uther.sparta.com (uther.sparta.com [157.185.0.2]) by txdal11mx03.parsons.com with ESMTP id 1dxcrt0wny-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT) for ; Tue, 30 Jul 2013 09:28:49 -0500 Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6UESmU4011010 for ; Tue, 30 Jul 2013 07:28:48 -0700 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6UESlep009228 for ; Tue, 30 Jul 2013 07:28:48 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Tue, 30 Jul 2013 10:27:48 -0400 From: "Murphy, Sandra" To: "sidr@ietf.org" Thread-Topic: new agenda posted Thread-Index: Ac6NMJK4BmLPf7y2Q2ahDThsPR49tQ== Date: Tue, 30 Jul 2013 14:27:47 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C8A51@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-30_05:2013-07-30, 2013-07-30, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=4.99672525577921e-12 kscore.compositescore=0 circleOfTrustscore=48.064 compositescore=0.0616162242266031 urlsuspect_oldscore=0.616162242266031 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.0616162242266031 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307300085 Subject: [sidr] new agenda posted X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:30:31 -0000 A new agenda is posted, with times assigned for the various presentations. = Some new presentations are added, including two on deployment monitoring t= ools and one on error handling.=0A= =0A= Please do look at this. If you believe that the time allotted is not adequ= ate for your presentation or more time than you need, please inform the cha= irs. If you have requested some time on the agenda and do not see it on th= e agenda, please alert the chairs.=0A= =0A= --Sandy, speaking as co-chair=0A= From prvs=1923610b36=sandra.murphy@parsons.com Tue Jul 30 07:37:18 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA4DB21F9EA7 for ; Tue, 30 Jul 2013 07:37:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.577 X-Spam-Level: X-Spam-Status: No, score=-2.577 tagged_above=-999 required=5 tests=[AWL=0.022, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JJs2z8ZbrvsX for ; Tue, 30 Jul 2013 07:37:12 -0700 (PDT) Received: from txdal11mx03.parsons.com (txdal11mx03.parsons.com [206.219.199.111]) by ietfa.amsl.com (Postfix) with ESMTP id D3C3E21F9E3A for ; Tue, 30 Jul 2013 07:36:49 -0700 (PDT) Received: from pps.filterd (txdal11mx03 [127.0.0.1]) by txdal11mx03.parsons.com (8.14.5/8.14.5) with SMTP id r6UEZXMh029963; Tue, 30 Jul 2013 09:36:49 -0500 Received: from uther.sparta.com (uther.sparta.com [157.185.0.2]) by txdal11mx03.parsons.com with ESMTP id 1dxcrt0y9c-1 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NOT); Tue, 30 Jul 2013 09:36:48 -0500 Received: from durin.laguna.sparta.com ([10.62.216.7]) by Uther.sparta.com (8.13.8/8.13.8) with ESMTP id r6UEalEv011093; Tue, 30 Jul 2013 07:36:47 -0700 Received: from CVA-HUB002.centreville.ads.sparta.com ([10.62.108.29]) by durin.laguna.sparta.com (8.13.8/8.13.8) with ESMTP id r6UEalmW009530; Tue, 30 Jul 2013 07:36:47 -0700 Received: from CVA-MB002.centreville.ads.sparta.com ([fe80::6046:a82a:c500:c9ad]) by CVA-HUB002.centreville.ads.sparta.com ([fe80::9817:c0c5:e172:9d1c%11]) with mapi id 14.02.0342.003; Tue, 30 Jul 2013 10:35:48 -0400 From: "Murphy, Sandra" To: "draft-ietf-sidr-origin-ops@tools.ietf.org" Thread-Topic: confirmation of IPR disclosure for draft-ietf-sidr-origin-ops Thread-Index: Ac6NMhSkZXu00WLaTXOluZolqC3zFw== Date: Tue, 30 Jul 2013 14:35:47 +0000 Message-ID: <24B20D14B2CD29478C8D5D6E9CBB29F6749C8A8F@CVA-MB002.centreville.ads.sparta.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.62.8.137] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-30_05:2013-07-30, 2013-07-30, 1970-01-01 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 kscore.is_bulkscore=4.66843230739755e-12 kscore.compositescore=0 circleOfTrustscore=48.064 compositescore=0.054004110324082 urlsuspect_oldscore=0.54004110324082 suspectscore=0 recipient_domain_to_sender_totalscore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 recipient_to_sender_totalscore=0 recipient_domain_to_sender_domain_totalscore=6008 rbsscore=0.054004110324082 spamscore=0 recipient_to_sender_domain_totalscore=0 urlsuspectscore=0.3 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1305240000 definitions=main-1307300087 Cc: "sidr@ietf.org" Subject: [sidr] confirmation of IPR disclosure for draft-ietf-sidr-origin-ops X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:37:19 -0000 The shepherding writeup requires answers from each and every draft author c= onfirming that any IPR has been disclosed. The request for publication wil= l not be made until the answers are received.=0A= =0A= (7) Has each author confirmed that any and all appropriate IPR=0A= disclosures required for full conformance with the provisions of BCP 7= 8=0A= and BCP 79 have already been filed. If not, explain why.=0A= =0A= Please do reply to this message as soon as possible=0A= =0A= =0A= --Sandy, speaking as wg co-chair= From randy@psg.com Tue Jul 30 07:42:28 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F9DF21F9EC6 for ; Tue, 30 Jul 2013 07:42:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.5 X-Spam-Level: X-Spam-Status: No, score=-2.5 tagged_above=-999 required=5 tests=[AWL=0.099, BAYES_00=-2.599] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id frGHZHQxfzAO for ; Tue, 30 Jul 2013 07:42:23 -0700 (PDT) Received: from ran.psg.com (ran.psg.com [198.180.150.18]) by ietfa.amsl.com (Postfix) with ESMTP id BC01911E81FD for ; Tue, 30 Jul 2013 07:42:12 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=ryuu.psg.com.psg.com) by ran.psg.com with esmtp (Exim 4.76) (envelope-from ) id 1V4B7c-0003Ez-M8; Tue, 30 Jul 2013 14:41:57 +0000 Date: Tue, 30 Jul 2013 16:41:55 +0200 Message-ID: From: Randy Bush To: "Murphy, Sandra" In-Reply-To: <24B20D14B2CD29478C8D5D6E9CBB29F6749C8A8F@CVA-MB002.centreville.ads.sparta.com> References: <24B20D14B2CD29478C8D5D6E9CBB29F6749C8A8F@CVA-MB002.centreville.ads.sparta.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI) MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Cc: "draft-ietf-sidr-origin-ops@tools.ietf.org" , "sidr@ietf.org" Subject: Re: [sidr] confirmation of IPR disclosure for draft-ietf-sidr-origin-ops X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:42:29 -0000 > The shepherding writeup requires answers from each and every draft > author confirming that any IPR has been disclosed. The request for > publication will not be made until the answers are received. > > (7) Has each author confirmed that any and all appropriate IPR > disclosures required for full conformance with the provisions of > BCP 78 and BCP 79 have already been filed. If not, explain why. > > Please do reply to this message as soon as possible i am not aware of ipr related to this draft randy From alexey.melnikov@isode.com Wed Jul 31 03:02:46 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 678E021F9EC4 for ; Wed, 31 Jul 2013 03:02:46 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.367 X-Spam-Level: X-Spam-Status: No, score=-102.367 tagged_above=-999 required=5 tests=[AWL=0.233, BAYES_00=-2.599, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ctIX1YfEQ4I3 for ; Wed, 31 Jul 2013 03:02:41 -0700 (PDT) Received: from statler.isode.com (statler.isode.com [62.3.217.254]) by ietfa.amsl.com (Postfix) with ESMTP id 2790721F9EAF for ; Wed, 31 Jul 2013 03:02:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1375264953; d=isode.com; s=selector; i=@isode.com; bh=//4ebrBzR2dhXx0syC46D3nvBOuQtbqlF24O3nngVTM=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=TwY7hVZJbOGAUkgzw0EEquJlRKLJXQkLE+TTrV44a6aS+DIaSLUeyX/JArrUPq6Kp4YmoH KPMuAHPozsicFr0iv56A0IFRnAtqRdTAF8RUcDWboubB9YgvmM7XFxGwP5TjpP9vSZYiQg 2yvALYhz8xSA11Y8ZgqwZHn1eSPrEzs=; Received: from [130.129.18.89] (dhcp-1259.meeting.ietf.org [130.129.18.89]) by statler.isode.com (submission channel) via TCP with ESMTPA id ; Wed, 31 Jul 2013 11:02:33 +0100 Message-ID: <51F8E0BD.9040107@isode.com> Date: Wed, 31 Jul 2013 11:02:37 +0100 From: Alexey Melnikov User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 To: sidr wg MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Samuel Weiler Subject: [sidr] Samuel Weiler is the SIDR WG Secretary X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 10:02:46 -0000 After a discussion between WG chairs and our responsible AD, Sam Weiler is appointed the WG Secretary. This appointment should be reflected shortly in the datatracker. Alexey, on behalf of SIDR co-chairs. From stbryant@cisco.com Wed Jul 31 04:18:39 2013 Return-Path: X-Original-To: sidr@ietfa.amsl.com Delivered-To: sidr@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CB1911E80FA for ; Wed, 31 Jul 2013 04:18:39 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -110.408 X-Spam-Level: X-Spam-Status: No, score=-110.408 tagged_above=-999 required=5 tests=[AWL=0.191, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id klqiNgkJnxtD for ; Wed, 31 Jul 2013 04:18:33 -0700 (PDT) Received: from ams-iport-4.cisco.com (ams-iport-4.cisco.com [144.254.224.147]) by ietfa.amsl.com (Postfix) with ESMTP id 4208911E80EC for ; Wed, 31 Jul 2013 04:18:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=498; q=dns/txt; s=iport; t=1375269513; x=1376479113; h=message-id:date:from:reply-to:mime-version:to:subject: content-transfer-encoding; bh=r+blOp8VC0a/rkArFnc5BV7Y0z/CkHY44JAu8OjYjLQ=; b=h/loyIDsE1IZEvjxQqmrO8ZH3rcPqSXRm2JlQr84PFN130Gqr5Y+G1GB eIMfb/Kvd3k9obU7B2303yDevV58cU62JlF8dyXmjrTZ03vbrCVP7MQ+W CDrEvAs6BjX8VO2wKIVTG/n15aOEO7ynb5bF7WHPWjD+HkKjjnA9FF21+ U=; X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AiQFADny+FGQ/khL/2dsb2JhbABbgwbAORZ0gmNAPRYYAwIBAgFLAQwIAQGIDJ8nmVeUGQOXX5FNgxU X-IronPort-AV: E=Sophos;i="4.89,786,1367971200"; d="scan'208";a="16656531" Received: from ams-core-2.cisco.com ([144.254.72.75]) by ams-iport-4.cisco.com with ESMTP; 31 Jul 2013 11:18:16 +0000 Received: from cisco.com (mrwint.cisco.com [64.103.70.36]) by ams-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id r6VBIErp010296 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 31 Jul 2013 11:18:15 GMT Received: from [IPv6:::1] (localhost [127.0.0.1]) by cisco.com (8.14.4+Sun/8.8.8) with ESMTP id r6VBIDll008098; Wed, 31 Jul 2013 12:18:14 +0100 (BST) Message-ID: <51F8F275.8060504@cisco.com> Date: Wed, 31 Jul 2013 12:18:13 +0100 From: Stewart Bryant User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Alexey Melnikov , "sidr-chairs@tools.ietf.org" , sidr wg list Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: [sidr] Thanks to Alexey Melnikov X-BeenThere: sidr@ietf.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: stbryant@cisco.com List-Id: Secure Interdomain Routing List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 11:18:39 -0000 I regret that I have accepted Alexey Melnikov's resignation as a chair of the SIDR WG. Alexey was recently appointed as chair of the RFC Editor Program (RSOC) and thus no longer has time to chair the SIDR WG. I would like to thank Alexey for stepping in as a SIDR Chair at my request, and for the work that he has done for the SIDR WG whilst in office. I am sure you will all join me in thanking Alexey for his work on SIDR and in wishing him well in his new IETF roll. - Stewart