On Thu, Nov 17, 2011 at 12:13 AM, Stephen Kent k...@bbn.com wrote:
At 10:25 PM -0500 11/13/11, Brian Dickson wrote:
(when RPs are able to validate using B). I don't see what this step
in this order, buys us, or even that it is necessary at all.
Phase 1 allows early adopter CAs to get certs
On Thu, Nov 17, 2011 at 12:50 PM, Brian Dickson
brian.peter.dick...@gmail.com wrote:
Here's the thing - if all-A chains continue to exist until Phase 4,
_and_ fallback to Suite A is required, this is a downgrade-attack
vulnerability.
It seems to me that as long as there are consumers of cert
At 10:25 PM -0500 11/13/11, Brian Dickson wrote:
On Sun, Nov 13, 2011 at 9:16 PM, Stephen Kent k...@bbn.com wrote:
You suggested that we codify how the community should deal with problems
that motivate delaying a phase transition. We're not writing the timeline
document now, but the text at
To: Stephen Kent
Cc: sidr@ietf.org list
Subject: Re: [sidr] WGLC for draft-ietf-sidr-algorithm-agility-03
On Nov 9, 2011, at 1:42 PM, Stephen Kent wrote:
At 1:27 AM -0500 11/8/11, Brian Dickson wrote:
...
I do not support adoption of this document in its current form.
The main reasons have to do
Eric,
i think we are making progress. thanks for the feedback.
...
I really think we should address these issues in a single document.
It seems like splitting this off into a separate/as yet unwritten
document is likely to cause some problems. In particular, since
that document does not
One clarification. I included Eric below as he was one of those who
took offense at the conclusion Steve drew from Brian's remark about
colleagues. Unfortunately, you is both singular and plural, so the
text as written implies that Eric colluded in the remark about
colleagues. I should
On Nov 15, 2011, at 10:53 AM, Stephen Kent wrote:
Eric,
i think we are making progress. thanks for the feedback.
...
I really think we should address these issues in a single document. It
seems like splitting this off into a separate/as yet unwritten document is
likely to cause
Dear SIDR-WG,
Since my original message was pretty long and detailed, and it does
not appear anyone has made it through it yet, let me try to summarize
the main issues with which it is concerned.
The current proposal focuses on ending support for Algorithm A.
IMHO, it does so at the expense of
Eric,
In response to your message from last week.
Some candidate text dealing with the timeline document in section 2:
An additional document, the algorithm transition
timeline will be published as a BCP (?) to define
the timeline for the algorithm suite transition.
It will define dates
Hey Steve,
Thanks for the response. I commented below:
On Nov 14, 2011, at 10:16 AM, Stephen Kent wrote:
Eric,
In response to your message from last week.
Some candidate text dealing with the timeline document in section 2:
An additional document, the algorithm transition timeline
At 8:47 PM + 11/11/11, Murphy, Sandra wrote:
Guys, guys, guys. Steve: making reference to a person's company
concentrates too much on the personal. Please be more careful.
Brian, Eric: If you meant some individual contributors who I
happen to know and discuss this with, saying my
Kent
Cc: sidr@ietf.org list
Subject: Re: [sidr] WGLC for draft-ietf-sidr-algorithm-agility-03
On Nov 9, 2011, at 1:42 PM, Stephen Kent wrote:
At 1:27 AM -0500 11/8/11, Brian Dickson wrote:
...
I do not support adoption of this document in its current form.
The main reasons have to do
Danny,
Thank you for your comments and please see the response to your comments. Sorry
for the delay.
Roque.
On Oct 20, 2011, at 10:50 AM, Sandra Murphy wrote:
The authors have requested a WG LC for draft Algorithm Agility Procedure
for RPKI.
The document and the draft version
At 11:17 AM -0500 11/10/11, Eric Osterweil wrote:
On Nov 9, 2011, at 1:42 PM, Stephen Kent wrote:
At 1:27 AM -0500 11/8/11, Brian Dickson wrote:
...
I do not support adoption of this document in its current form.
The main reasons have to do with fundamental aspects which at a high
At 1:27 AM -0500 11/8/11, Brian Dickson wrote:
...
I do not support adoption of this document in its current form.
The main reasons have to do with fundamental aspects which at a high
level have been addressed by my colleagues,
so, this is a Verisign critique, provided by you, Eric, and
On Wed, Nov 9, 2011 at 1:42 PM, Stephen Kent k...@bbn.com wrote:
At 1:27 AM -0500 11/8/11, Brian Dickson wrote:
...
I do not support adoption of this document in its current form.
The main reasons have to do with fundamental aspects which at a high
level have been addressed by my
Hey Steve,
On Nov 8, 2011, at 6:37 PM, Stephen Kent wrote:
snip
...
1 - In the draft, there is discussion of the global agreement to move to
algorithm B. Who ensures the global agreement of B, and who chooses
and ensures agreement of the various dates?
the IETF is responsible for the
Rather than respond, point-by-point, I will top-reply, and try to
clear this up in a structured manner.
First, from the perspective of normative references:
- most of the main SIDR documents reference each other, both
generally, and in specific places.
-- e.g. -rpki-algs-05 refers to -arch, -cp,
Brian,
...
When three individuals from the same organization begin to comment on
a WG document during last call, and two of the individuals have no
history of substantial participation in the WG, one begins to
question whether this is mere coincidence. Your reference to
colleagues struck me
On Nov 9, 2011, at 1:42 PM, Stephen Kent wrote:
The main reasons have to do with fundamental aspects which at a high
level have been addressed by my colleagues,
so, this is a Verisign critique, provided by you, Eric, and Danny?
Steve,
Not that I need to justify or explain this to you or
On Nov 8, 2011, at 2:49 PM, Samuel Weiler wrote:
This document is basically ready for publication. While it is
painfully long, it is arguably one of the better written documents
this WG has produced. My thanks to the editors for their efforts.
Sam,
So am I crazy for thinking that putting
Hi Brian,
Thanks for your comments.
Please see inline.
Roque
(snif)
So the analogous high-level design for agility SHOULD be as follows:
- new CP documents may be published, with new OIDs
The CP document in section 6.1.5 refers the definition of the Algorithm Suite
to the
On Tue, Nov 8, 2011 at 5:40 AM, Roque Gagliano rogag...@cisco.com wrote:
Hi Brian,
Thanks for your comments.
Please see inline.
Roque
(snif)
So the analogous high-level design for agility SHOULD be as follows:
- new CP documents may be published, with new OIDs
The CP document in
On Nov 7, 2011, at 6:38 PM, Stephen Kent wrote:
Eric,
I didn't miss your point; I just do not agree with it. I was noting that
Terry suggested that a milestone doc ought to reflect input from the CAs and
RPs, and that the NRO and IANA are reasonable candidates for such input
This document is basically ready for publication. While it is
painfully long, it is arguably one of the better written documents
this WG has produced. My thanks to the editors for their efforts.
I am uneasy with the limitations imposed by this mechanism, but I have
nothing better to suggest.
On Nov 7, 2011, at 2:46 PM, Stephen Kent wrote:
...
I can appreciate that this document represents some long standing thought
and effort. However, the fact that I believe there is a flaw does not seem
to need the support of an alternate design, right? I'm pointing out an
operational
At 5:49 PM -0700 11/3/11, Terry Manderson wrote:
On 2/11/11 6:34 PM, Stephen Kent k...@bbn.com wrote:
Architecture, yes. Structured approach, yes. To both of those I agree.
Having the IETF define the dates when algorithms shift. I am not convinced.
An architecture that ignores the need
On Nov 2, 2011, at 4:34 AM, Stephen Kent wrote:
At 6:29 PM -0700 11/1/11, Terry Manderson wrote:
On 31/10/11 11:59 PM, Stephen Kent k...@bbn.com wrote:
I understand why you want to, but don't come to the same conclusion as to
the mechanism.
Is that really the IETF's job?
SIDR was
At 5:31 AM -0700 10/31/11, Terry Manderson wrote:
On 31/10/11 8:57 PM, Stephen Kent k...@bbn.com wrote:
At 7:18 PM -0700 10/30/11, Terry Manderson wrote:
We have included dates for alg start and EOL because they affect all
RPs, and we want to make life predictable for RPs. Also, because the
At 7:18 PM -0700 10/30/11, Terry Manderson wrote:
Some comments.
Section 4.3. Phase 0
I'm still struggling to see the necessity to put in the operational dates
for an Alg shift in [I-D.ietf-sidr-rpki-algs]. I concur that the future Alg
suite and to be EOL's suite should be identified once
On 31/10/11 8:57 PM, Stephen Kent k...@bbn.com wrote:
At 7:18 PM -0700 10/30/11, Terry Manderson wrote:
We have included dates for alg start and EOL because they affect all
RPs, and we want to make life predictable for RPs. Also, because the
WG agreed that alg transition will be top-down
I have read this document and think it should be published as a standards-track
RFC. It is fairly complex, but I could not find places to reduce the complexity
without removing scenarios that seem reasonably likely to pop-up in real-world
transitions.
--Paul Hoffman
On Oct 20, 2011, at 10:50 AM, Sandra Murphy wrote:
The authors have requested a WG LC for draft Algorithm Agility Procedure for
RPKI.
The document and the draft version history are available at
http://tools.ietf.org/html/draft-ietf-sidr-algorithm-agility-03
The last call will end Thu,
Some comments.
Section 4.3. Phase 0
I'm still struggling to see the necessity to put in the operational dates
for an Alg shift in [I-D.ietf-sidr-rpki-algs]. I concur that the future Alg
suite and to be EOL's suite should be identified once suitable candidates
have been selected in rpki-algs. But
: Thursday, October 20, 2011 10:50 AM
To: sidr@ietf.org
Subject: [sidr] WGLC for draft-ietf-sidr-algorithm-agility-03
The authors have requested a WG LC for draft Algorithm Agility Procedure
for RPKI.
The document and the draft version history are available at
http://tools.ietf.org/html/draft-ietf
On Thu, Oct 20, 2011 at 10:50 AM, Sandra Murphy
sandra.mur...@sparta.com wrote:
The authors have requested a WG LC for draft Algorithm Agility Procedure
for RPKI.
The document and the draft version history are available at
http://tools.ietf.org/html/draft-ietf-sidr-algorithm-agility-03
The
The authors have requested a WG LC for draft Algorithm Agility Procedure
for RPKI.
The document and the draft version history are available at
http://tools.ietf.org/html/draft-ietf-sidr-algorithm-agility-03
The last call will end Thu, 3 Nov 2011 (AOE).
As usual, please address all comments to
37 matches