[sidr] slight whoops

I was reminded that not all objects in the RPKI repository are CMS objects, e.g., certs and CRLs. These are binary objects that do not start with an OID. Nonetheless, since we have adopted rsync as the access protocol for the RPKI repository, and since it deals with files and filenames, using th

[sidr] slight whoops ...

Sean, I forgot to reply to your first comment. See what happens when you label it "0"? 0) Based on the assumption that draft-newton-sidr-policy-qualifiers will be adopted because that's what the RIRs want should s1.2 or 1.5 also include some information about where it can be found? This inf

Re: [sidr] slight whoops ...

> 0) Based on the assumption that draft-newton-sidr-policy-qualifiers will > be adopted i simply do not understand the utility of that draft either no one ever sees the urls, or they are a malware attack vector. randy ___ sidr mailing list sidr@ietf.o

Re: [sidr] slight whoops ...

Typically the rationale for the URI is so that the a CA can satisfy it's legal counsel that potential relying parties have been informed, via the URI, of the presence of a CPS, and that RPs who care can download and read it before maknig use of the certs issued by the CA. Its a CYA mechanism.

Re: [sidr] slight whoops ...

> Typically the rationale for the URI is so that the a CA can satisfy > it's legal counsel that potential relying parties have been informed, > via the URI, of the presence of a CPS, and that RPs who care can > download and read it before maknig use of the certs issued by the CA. > > Its a CYA mec

Re: [sidr] slight whoops ...

On Mar 5, 2013, at 5:47 PM, Randy Bush wrote: >> Typically the rationale for the URI is so that the a CA can satisfy >> it's legal counsel that potential relying parties have been informed, >> via the URI, of the presence of a CPS, and that RPs who care can >> download and read it before maknig u

Re: [sidr] slight whoops ...

On 06/03/2013, at 8:44 AM, Stephen Kent wrote: > Typically the rationale for the URI is so that the a CA can satisfy it's > legal counsel that > potential relying parties have been informed, via the URI, of the presence of > a CPS, and > that RPs who care can download and read it before maknig

Re: [sidr] slight whoops ...

That works for me. spt On 3/5/13 4:52 PM, Stephen Kent wrote: Sean, I forgot to reply to your first comment. See what happens when you label it "0"? 0) Based on the assumption that draft-newton-sidr-policy-qualifiers will be adopted because that's what the RIRs want should s1.2 or 1.5 also in

Re: [sidr] slight whoops ...

I understand why ARIN wants this -- I'm sure our legal folks would want something similar if we were in their predicament (i.e., one more place for indemnification against failures, compromises, actions of [grand]parents, etc..), reading the current RPA makes this clear: S.7 "You shall i

Re: [sidr] slight whoops ...

On Thu, Mar 7, 2013 at 2:54 PM, wrote: > I'm not sure I understand how this "opens the user to malware attack", could > you please explain? I understand the DoS vector, this certainly exists for > all of RPKI, but I don't understand "malware attack" please click on this link to accept my TOS:

Re: [sidr] slight whoops ...

On 2013-03-07 13:18, Christopher Morrow wrote: please click on this link to accept my TOS: That could be included anywhere - and if it's in a resource certificate then you've got far bigger problems than a "malware attack", methinks.

Re: [sidr] slight whoops ...

On Thu, Mar 7, 2013 at 3:25 PM, Danny McPherson wrote: > On 2013-03-07 13:18, Christopher Morrow wrote: > >> >> please click on this link to accept my TOS: >> > > > That could be included anywhere - and if it's in a resource certificate then

Re: [sidr] slight whoops ...

On Mar 7, 2013, at 3:18 PM, Christopher Morrow wrote: > On Thu, Mar 7, 2013 at 2:54 PM, wrote: >> I'm not sure I understand how this "opens the user to malware attack", could >> you please explain? I understand the DoS vector, this certainly exists for >> all of RPKI, but I don't understand "m

Re: [sidr] slight whoops ...

On Thu, Mar 7, 2013 at 3:46 PM, Eric Osterweil wrote: > > On Mar 7, 2013, at 3:18 PM, Christopher Morrow wrote: > >> On Thu, Mar 7, 2013 at 2:54 PM, wrote: >>> I'm not sure I understand how this "opens the user to malware attack", could >>> you please explain? I understand the DoS vector, this

Re: [sidr] slight whoops ...

On Mar 7, 2013, at 4:58 PM, Christopher Morrow wrote: > On Thu, Mar 7, 2013 at 3:46 PM, Eric Osterweil > wrote: >> >> On Mar 7, 2013, at 3:18 PM, Christopher Morrow wrote: >> >>> On Thu, Mar 7, 2013 at 2:54 PM, wrote: I'm not sure I understand how this "opens the user to malware attac

Re: [sidr] slight whoops on slide 13

At Thu, 30 Jul 2009 08:10:04 -0400, Steve Kent wrote: > > Geoff Houston saw both the original and revised slides and pointed > out that the revisions was not correct (which may have been what Rob > alluded to in a question to me late in the session.) The problem > Geoff noted is that FOO will f