So, I should have waited until after the Thurs meeting content settled... before sending this blithely off to the ADs for processing. The room discussion about this draft wended its way into:

"Is SSH as a transport really necessary?"

and:

"Well, we like ssh because we understand it... well, maybe we just need something like md5 or AO?"

and ended with:

"Hey, AO may be acceptable, we can chat more about this, and potentially add it if people think it's of interest?"

That said I quickly looked around for 'open source platforms with AO support':

<http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=net/ipv4/tcp.c;h=b22d450105450ae089d42a06486938fcaa2c80dc;hb=HEAD>

only mentions MD5. I don't see support for AO in FreeBSD, though my fbsd-foo is ... poor.

Do we want to rev the draft and add AO as an option for the transport? Or just stick with SSH?

-Chris

On Thu, Mar 31, 2011 at 5:18 PM, Christopher Morrow <[email protected]> wrote:
> for the record, this concluded with a single set of comments that the
> authors addressed... so it's falling to the next line of process
> stakes: iesg review.
>
> -Chris
>
> On Wed, Feb 16, 2011 at 7:39 PM, Christopher Morrow
> <[email protected]> wrote:
>> Ok folk,
>> The rpki-rtr document:
>> <http://tools.ietf.org/wg/sidr/draft-ietf-sidr-rpki-rtr>
>>
>> went through WGLC on version ~02, it's since had a slight mod (added a
>> Cache-nonce) which is here in section 4.1:
>>
>> "The Cache Nonce reassures the router that the serial numbers are
>> commensurate, i.e. the cache session has not been changed."
>>
>> and again in 4.2:
>> "The Cache Nonce tells the cache what instance the router expects to
>> ensure that the serial numbers are commensurate, i.e. the cache
>> session has not been changed."
>>
>> and again in 4.4:
>> "In response to a Reset Query, the Cache Nonce tells the router the
>> instance of the cache session for future confirmation. In response
>> to a Serial Query, the Cache Nonce reassures the router that the
>> serial numbers are commensurate, i.e. the cache session has not been
>> changed."
>>
>> and again in 4.7:
>> "The Cache Nonce MUST be the same as that of the corresponding Cache
>> Response which began the, possibly null, sequence of data PDUs."
>>
>> There's not much meat to the actual change, and the authors identified
>> the problem on their own. So, in the spirit of Valentine's Day, let's
>> decide by Friday Feb 18, 2011 23:59 UTC if things are still ok to move
>> forward. If there are no further comments/issues I'll push this
>> version out over the weekend to the ADs as a publication request.
>>
>> -Chris
>> <co-chair-messenger-bag==off>
>>
>
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
