A Publication Protocol for the Resource Public Key Infrastructure (RPKI)
draft-ietf-sidr-publication-12

[Ballot comment]
Thank you for addressing my DISCUSS point. A couple of remaining issues:

I still think lack of details about versionning and what requires (or not) to bump the version number is a mistake.

RFC 2616 (HTTP) got obsoleted, please reference the latest version.

In 2.5: is the list of error reasons extensible? If yes, should you have an IANA registry for them?

In Section 5 you should reference this document (and not just section numbers), as IANA registrations cut & pasted to IANA website as separate files.

[Ballot discuss]

Why is sha-256 hardcoded? You could easily include a hash
alg-id even as an option and in that way get algorithm
agility, as called for by BCP201.  (Or you could use something
like ni URIs but that's a bit of a self-serving suggestion;-)
Anyway, what's the plan for replacing sha-256 here? (This is a
bit of a subset of Alissa's discuss with which I agree.)

One possible way to handle this here is to identify sha-256 as
the default hash algorithm but to re-define the ABNF for hash
to allow an alg-id of some sort to be included there. Or have
some generic versioning text somewhere that calls for a
version bump if sha-256 is not to be used.

(If the authors want to include this as a part of the
discussion of Alissa's discuss, I'm fine with that and with
clearing this discuss and letting the disucsion happen on that
thread. But since the solutions could differ, I wanted to at
least start a separate discussion on alg. agility.)

[Ballot comment]


- general: I think a design that uses https with mutual auth
would have been better and easier. But given that this is
implemented and deployed, I guess it's too late for this one.

- As with the oob spec, the xmlns values get me a 404.

- section 6: I don't agree that CMS signed data means that
https is not needed. The latter provides confidentiality and
integrity and server auth which the former does not.  And even
ignoring the security reasons, https is arguably much easier
to deploy and requires less development. And http is
vulnerable to middlebox messing (e.g. a client using http is
more likely to be forced to support cleartext proxy-auth
passwords).  I would encourage you to encourage use of https
with server auth in addition to CMS signed data payloads.

[Ballot comment]
Most of my comments have already been made by others. But with the questions about upgrade paths, I see there is in fact a "version" element defined. How is that expected to be used? I don't see a version related error code.

[Ballot comment]
Thanks for addressing the security directorate review.

As for Alissa's comment on transport, more language added to the Security Considerations section would be helpful to explain why the CMS signature is sufficient.  I am assuming that the only exposure would be to public information during transport that is protected from tampering, unless I missed something in reading the draft (I don't think you are transferring private keys and didn't see that in the text).

Security controls being managed according to the CA policy mentioned earlier in the document is appropriate, having run CAs before - there are strict requirements already depending on the level you plan to run the CA.

[Ballot discuss]
I support Alissa's DISCUSS point on versioning.

I find the document to be a bit short on normative references and some implementation details. Other than that the document looks fine. My specific questions and concern are as follows:

1) Please add a normative reference for HTTP, URI and RelaxNG on first use.

2) Base64 needs a normative reference (including the section number, as there are 2 variants).

3) Section 2 says that all payloads use CMS. None of your examples show CMS. Can you please elaborate on how CMS is used?

4) How can URI of the service be discovered?

[Ballot comment]
In 2.5: is the list of error reasons extensible?

Was Relax NG schema validated with a tool?

In Section 5 you should reference this document (and not just section numbers), as IANA registrations cut & pasted to IANA website as separate files.

[Ballot discuss]
Updating after reading sidr-oob-setup-06.

I see that the publisher wins as per Section 5.2.4

My original discuss us below, so you may omit the concern about negotiating the URI. The remainder stands.

Thanks
T.

=-=-=-=-=-=-=-=-
Thanks for finally bringing this protocol forward.

I support Alissa's and Alexey's concerns.

I only have one discuss for this draft.

Looking at section 4, operational considerations I was expecting to see a review of any considerations as to how this protocol works, the interaction between the layers of HTTP, CMS, and XML and any implementation differences/difficulties that exist between the 2 known implementations. Instead there is a discussion on laying out the repository structure under the mandatory to implement _retrieval_ mechanism (RSYNC) and the nuances of RSYNC itself. This appears to be misplaced as the protocol (HTTP/CMS/XML) interactions here are simply about publication from a certificate authority operator to a repository operator, and in that space surely the publication protocol (this doc) is agnostic to the exact repo structure.

In both a database world (not a file based one) and where multiple RPKI fetch mechanisms (rsync, http, torrent, etc ...) are used, how is the exact URI meaningful for sidr-publication? There might be a deeper problem here regarding any potential collisions and negotiation of the URI space between the certificate authority operator and the publication repository operator. (sure, in a situation where Alice does both, no problem.) So you may wish to address issues like that in the operational considerations section as opposed to dealing with RSYNC (in)efficiencies.

[Ballot discuss]
Thanks for finally bringing this protocol forward.

I support Alissa's and Alexey's concerns.

I only have one discuss for this draft.

Looking at section 4, operational considerations I was expecting to see a review of any considerations as to how this protocol works, the interaction between the layers of HTTP, CMS, and XML and any implementation differences/difficulties that exist between the 2 known implementations. Instead there is a discussion on laying out the repository structure under the mandatory to implement _retrieval_ mechanism (RSYNC) and the nuances of RSYNC itself. This appears to be misplaced as the protocol (HTTP/CMS/XML) interactions here are simply about publication from a certificate authority operator to a repository operator, and in that space surely the publication protocol (this doc) is agnostic to the exact repo structure.

In both a database world (not a file based one) and where multiple RPKI fetch mechanisms (rsync, http, torrent, etc ...) are used, how is the exact URI meaningful for sidr-publication? There might be a deeper problem here regarding any potential collisions and negotiation of the URI space between the certificate authority operator and the publication repository operator. (sure, in a situation where Alice does both, no problem.) So you may wish to address issues like that in the operational considerations section as opposed to dealing with RSYNC (in)efficiencies.

[Ballot comment]
(Hit the send button too quickly, sorry for the multiple emails.)

Although I understand why Section 6 says transport security is not strictly required, given that the authentication and authorization mechanisms that this protocol relies on are outside of the scope here, isn't it possible that clients and servers may be exchanging cookies or other headers in the course of using this protocol that would benefit from transport encryption? It seems like mentioning that transport security may still be beneficial although not required might be a good idea.

[Ballot discuss]
What is the upgrade path for the future when new versions of this protocol get published? How are clients and servers meant to agree on which version to use?

[Ballot comment]
My only question is why this is a sidr wg doc? This seems like a general mechanism that cannot only be used in the routing infrastructure. Has this doc been at least reviewed by other wgs?

[Ballot discuss]
I find the document to be a bit short on normative references and some implementation details. Other than that the document looks fine. My specific questions and concern are as follows:

1) Please add a normative reference for HTTP, URI and RelaxNG on first use.

2) Base64 needs a normative reference (including the section number, as there are 2 variants).

3) Section 2 says that all payloads use CMS. None of your examples show CMS. Can you please elaborate on how CMS is used.

4) How can URI of the service be discovered?

[Ballot comment]
In 2.5: is the list of error reasons extensible?

Was Relax NG schema validated with a tool?

In Section 5 you should reference the document, as IANA registrations cut & pasted to IANA website as separate files.

(Via drafts-lastcall-comment@iana.org): IESG/Authors/WG Chairs:

The IANA Services Operator has completed its review of draft-ietf-sidr-publication-09.txt. If any part of this review is inaccurate, please let us know.

The IANA Services Operator understands that, upon approval of this document, there is a single action which we must complete.

In the application Media Types registry located at:

https://www.iana.org/assignments/media-types/

a single, new Media Type is to be registered as follows:

Name: rpki-publication
Template: [ TBD-at-registration ]
Referenece: [ RFC-to-be ]

The IANA Services Operator understands that this is the only action required to be completed upon approval of this document.

Note:  The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed.

Thank you,

Sabrina Tanamal
IANA Services Specialist
PTI

The following Last Call announcement was sent out:

From: The IESG
To: "IETF-Announce"
CC: morrowc@ops-netman.net, sidr-chairs@ietf.org, "Chris Morrow" , sidr@ietf.org, aretana@cisco.com, draft-ietf-sidr-publication@ietf.org
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (A Publication Protocol for the Resource Public Key Infrastructure (RPKI)) to Proposed Standard


The IESG has received a request from the Secure Inter-Domain Routing WG
(sidr) to consider the following document:
- 'A Publication Protocol for the Resource Public Key Infrastructure
  (RPKI)'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2017-01-06. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  This document defines a protocol for publishing Resource Public Key
  Infrastructure (RPKI) objects.  Even though the RPKI will have many
  participants issuing certificates and creating other objects, it is
  operationally useful to consolidate the publication of those objects.
  This document provides the protocol for doing so.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-sidr-publication/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-sidr-publication/ballot/


No IPR declarations have been submitted directly on this I-D.

=== AD Review of draft-ietf-sidr-publication-09 ===

I don’t have substantial concerns with the document itself (please see some relatively minor comments below), but I do with parts of the process.  Specifically, even though there are a couple of implementations available, the Media Type request has not been reviewed [RFC6838] and there hasn’t been a formal review or validation of the XML schema – at least according to the Shepherd’s write-up or the mailing list archive.

Some questions before we move to close those gaps:

1. Has the XML been validated using any well-known tool (online or otherwise)?
2. Why isn’t an IETF namespace [RFC3688] used in the XML schema?  I would strongly suggest that you use one and request it in the IANA Considerations Section.
3. To take the burden off a single person, I think it would be better for the change control of the new Media Type to reside in the IETF.  I know that is not how other rkpi-related registrations have been done, but it is probably better in the long term.  Any objections?

Chris: As Shepherd, I am going to need your help after we get answers for the questions above.  I need you to please make sure the following happens (either done by the authors or you): request the preliminary community review for the Media Type (RFC6838), and run an automated check of the XML (Q19).  I’ll then need you to also update the Shepherd’s write-up.


I’ll start the IETF Last Call once the above has been done (we’ll need a revision to at least request an IETF namespace) and take care of requesting an ART Directorate Review in parallel.

Thanks!

Alvaro.



Comments:

P1. From 2.1: “This document describes version 4.”  Not 1?  Is there something else that I’m missing about this protocol, like a previous version?  Or a document this replaces?  If this is the first version, I don’t have a real objection about starting with version 4 – but would be curious to know why.

P2. This text is 2.2 is not clear, it sounds like a description of what happens in a specific implementation and not a specification: “When a query fails, one or more  reply PDUs are generated.  Typically, only one  reply is generated, corresponding to the first query PDU that failed.  Servers are permitted to return multiple  PDUs.”  Does this mean that at least one is required, but that multiple are optional?  Please be specific.

P3. From 2.3: “A  query must be the only PDU in a query…”  Should that “must” be a “MUST”?

P4. In 2.2: “For  PDUs, the hash is mandatory…For  PDUs, the hash MUST be present…”  It would be nice to describe the normative behavior consistently: either say it is mandatory or use MUST.  I realize the end result is the same…that’s why this is a nit.

P5. Section 6: “Although the hashes used in the  and  PDUs are cryptographic strength…”  Perhaps “are cryptographically secure” or “have cryptographic strength”…

P6. s/use this protocol delete/use this protocol to delete

As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 February 2012.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

Proposed Standard

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

"This document defines a protocol for publishing Resource Public Key
  Infrastructure (RPKI) objects.  Even though the RPKI will have many
  participants issuing certificates and creating other objects, it is
  operationally useful to consolidate the publication of those objects.
  This document provides the protocol for doing so."

Working Group Summary

  Was there anything in WG process that is worth noting? For
  example, was there controversy about particular points or
  were there decisions where the consensus was particularly
  rough?

Good discussion in the WG list and meetings.

Document Quality

  Are there existing implementations of the protocol? Have a
  significant number of vendors indicated their plan to
  implement the specification? Are there any reviewers that
  merit special mention as having done a thorough review,
  e.g., one that resulted in important changes or a
  conclusion that the document had no substantive issues? If
  there was a MIB Doctor, Media Type or other expert review,
  what was its course (briefly)? In the case of a Media Type
  review, on what date was the request posted?

There are two implementations of the publication protocol/


Personnel

  Who is the Document Shepherd? Who is the Responsible Area
  Director?

shepherd: Chris Morrow (me)

(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

I read over the document a few times during it's lifecycle.

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

no concerns

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

no special review required.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

no concerns.

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

yes

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

no IPR issues

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it? 

Solid consensus in the WG.

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)


no appeals.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

nothing substantial, some cleanup items for auth48.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

no formal review is required for this document.

(13) Have all references within this document been identified as
either normative or informative?

no downward refs, all others properly normative/informative.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

no.

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

no downrefs

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

no change on other documents.

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

There are IANA considerations, documented thoroughly.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

no expert review required.
an existing registry is to be used.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.


no xml/bnf involved.