This is not quite right. It is true that theWebPKI provide authentication and integrity when https:// is used, but this is not required. If http:// were used, and the file was modified in transit by an attacker, the RPKI signature check would fail.
Yes. Which is why I'm suggesting that you mandate https.
I do not have a problem mandating the use of https:// for authentication and integrity protection of the file. I think that is shown in the examples. I am saying that doing so does not "chain" the trust models.
Explain how an attacker could get a client to accept a forged geofeed data file authenticated as I have suggested, because I'm not seeing it.
We are not understanding each other. The RPKI signature will prevent the relying party from accepting a modified file, regardless of the means used to fetch it. For this reason, there is no need think about the interaction of the RPKI and the WebPKI. No dependency is being created.
Russ
|
--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
