Roque Gagliano wrote:
Moreover, the cert. profile document particularly requests that names should be "meaningless" in RPKI. This is to avoid any sort of legal issues.
Just checked again RPKI cert profile (architecture) draft. There is definitely no MUST on not using human readable fields. It's simply that RPKI certs are authorization and not authentication certificates, so the recommendation is not be descriptive when it comes to identities, but rather choose effective names that will make the linkage with the existing database records easier.
When analyzing possible attacks, we must consider that there might be meaningful identities. Actually, from the attacker's point of view, even the identity that easies the linkage with the database might be for some reason meaningful and possibly predictable. After all, as long as it is not completely random, there is a chance that the attack will take less effort then the brute force attack.
Additionally, we can put the identity fields on the side. There are other human readable fields -- for example, validity periods.
All in all, I believe we should not take for granted that the distinguished name field for either the subject or the issuer of a SEND certificate should always be human readable.
There is no assumption in the draft that any of identity fields is always human readable.
Ana _______________________________________________ CGA-EXT mailing list [email protected] https://www.ietf.org/mailman/listinfo/cga-ext
