Re: Last Call: <draft-ietf-sidr-rpki-rtr-19.txt> (The RPKI/Router Protocol) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Dec 21, 2011 at 08:01:49AM -0500,
 Russ Housley <housley@xxxxxxxxxxxx> wrote 
 a message of 22 lines which said:

> Since all of the objects that are transferred over this protocol are
> digitally signed,

Over RTR? It is not mentioned in the I-D, quite the contrary.

> I think the Security Considerations section (Section 11) does a good
> job explaining the situation

Precisely, it explains that the link router<->cache must be secured
because the data is *not* signed:

      But this protocol document assumes that the routers can not do the
      validation cryptography.  Hence the last link, from cache to
      router, is secured by server authentication and transport level
      security.  This is dangerous, as server authentication and
      transport have very different threat models than object security.

      So the strength of the trust relationship and the transport
      between the router(s) and the cache(s) are critical.  You're
      betting your routing on this.

      
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]