[sidr] new agenda uploaded; all slides received so far uploaded
I have uploaded a new agenda. There are two new items on the agenda - “ROA Misconceptions” from Randy Bush and a report on Wednesday’s ROA signing party by Markus de Brun. Both are short presentations. I have compressed some of the other time slots, in order to keep a block of time for discussion at the end. Likely topic: continuing last meeting’s discussion of the future of SIDR - possible rechartering. Each presenter has at least as much time as they requested. All slides I know I have received have been uploaded. Presenters should check the agenda to be sure I have the right presenter listed, name spelled correctly, topic title correct, etc., and check the materials uploaded to make sure the right versions are uploaded. (Meeting materials are available on the agenda page https://datatracker.ietf.org/meeting/96/agenda.html if you click on the “show meeting materials” icon and on the meeting materials site https://datatracker.ietf.org/meeting/96/materials.html. —Sandy, speaking as one of the wg co-chairs signature.asc Description: Message signed with OpenPGP using GPGMail ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
Re: [sidr] new agenda uploaded
I agree with Steve. “RPKI Validation Reconsidered” should not be carried on. And I believe that our WG should look at RPKI operation security from a wider perspective and pursue countermeasures according to a deliberate threat model as described in draft-kent-sidr-adverse-actions. Di Ma ZDNS Ltd. > 在 2015年11月5日,23:24,Stephen Kent写道: > > Sandy, > > I think "draft-ietf-sidr-rpki-validation-reconsidered served a valuable > purpose, > highlighting valid concerns about potential fragility in the RPKI, in the > face of > errors by CAs and in the context of INR transfers. However, I feel that this > I-D > should not progress. > > The topic of INR transfers is being addressed in much grater detail in > draft-ymbk-sidr-transfer (which lists Geoff and George as co-authors). This > doc. > for which I provided extensive comments over the summer, is examining > discussing > INR transfers in a more thorough fashion and thus should provide a better > basis for > selecting a standard mechanism for their support. > > The impact of errors by CAs is being examined in a much broader context in an > I-D that > Di Ma and I have authored: draft-kent-sidr-adverse-actions. This document > examines > a very wide range of impacts that can result from an error by a CA or an > attack > against a CA (or an error/attack involving a repository manager). Thus I feel > that it > will provide a more comprehensive analysis of the sort of concerns raised in > validation-reconsidered. > > Finally, the the validation algorithm change proposed in > validation-reconsidered does > not address the broader range of errors noted in adverse-actions. It also is > not compatible > with current RP software designs that validates CA (not just EE) certs as > part of local cache > maintenance. > > Once the sidr-transfer and adverse-actions I-Ds are completed, I believe the > WG > will be a much better position to develop mechanisms that will address both > sets > of concerns noted above. > > Steve > > ___ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
Re: [sidr] new agenda uploaded
Sandy, I think "draft-ietf-sidr-rpki-validation-reconsidered served a valuable purpose, highlighting valid concerns about potential fragility in the RPKI, in the face of errors by CAs and in the context of INR transfers. However, I feel that this I-D should not progress. The topic of INR transfers is being addressed in much grater detail in draft-ymbk-sidr-transfer (which lists Geoff and George as co-authors). This doc. for which I provided extensive comments over the summer, is examining discussing INR transfers in a more thorough fashion and thus should provide a better basis for selecting a standard mechanism for their support. The impact of errors by CAs is being examined in a much broader context in an I-D that Di Ma and I have authored: draft-kent-sidr-adverse-actions. This document examines a very wide range of impacts that can result from an error by a CA or an attack against a CA (or an error/attack involving a repository manager). Thus I feel that it will provide a more comprehensive analysis of the sort of concerns raised in validation-reconsidered. Finally, the the validation algorithm change proposed in validation-reconsidered does not address the broader range of errors noted in adverse-actions. It also is not compatible with current RP software designs that validates CA (not just EE) certs as part of local cache maintenance. Once the sidr-transfer and adverse-actions I-Ds are completed, I believe the WG will be a much better position to develop mechanisms that will address both sets of concerns noted above. Steve ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
Re: [sidr] new agenda uploaded
If you don't mind uploading a new new one to reflect the current plan for Friday, it would be helpful. Thanks! --John > On Nov 3, 2015, at 7:48 AM, Sandra Murphywrote: > > A new agenda was uploaded. > > Thanks to Tim to catching an error in the header, a holdover from a long ago > agenda. > > —Sandy ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
Re: [sidr] new agenda uploaded
I uploaded a new agenda, moving Rob’s time on Friday to Tuesday without any attempt to represent Tue timing, moved Randy’s presentation on router keying to Friday, and added a presentation of validation reconsidered. Still on the Friday agenda are Steve Kent and Yu Fu talking about bad CAs. —Sandy, speaking as a wg co-chair On Nov 5, 2015, at 2:42 PM, John G. Scudderwrote: > If you don't mind uploading a new new one to reflect the current plan for > Friday, it would be helpful. Thanks! > > --John > >> On Nov 3, 2015, at 7:48 AM, Sandra Murphy wrote: >> >> A new agenda was uploaded. >> >> Thanks to Tim to catching an error in the header, a holdover from a long ago >> agenda. >> >> —Sandy > > ___ > sidr mailing list > sidr@ietf.org > https://www.ietf.org/mailman/listinfo/sidr signature.asc Description: Message signed with OpenPGP using GPGMail ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
[sidr] new agenda uploaded
I have uploaded a new agenda, with some changes in ordering to facilitate some people's itineraries. There's also a new presentation by Dr. Declan Ma. My apologies to Dr. Ma for missing his request last week. For those on the agenda, please check the agenda to see there are any errors. Revision requests are quite acceptable. If you think you should be on the agenda but you are not, send mail to sidr-cha...@ietf.org --Sandy signature.asc Description: Message signed with OpenPGP using GPGMail ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
[sidr] new agenda uploaded
A new agenda was just uploaded. I belivee that it contains all the requests for agenda time. If I have missed an agenda item or if the time alloted or order or name or whatever is not appropriate, please reply to both wg chairs. --Sandy ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
[sidr] new agenda uploaded
I have uploaded a new agenda, adding Ruediger's requested agenda slot. --Sandy ___ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr