Hi Tim,
>> Prefix validate assumes full knowledge of all applicable ROAs (or other >> sources of information if they are used) and I believe this should be stated >> more strongly. >> >> The security considerations section addresses the possibility of a malicious >> attacker tampering with the database that is used for validation. It does >> not address the possibility of a database becoming incomplete for other >> reasons. > > This is the main point I wanted to make. I believe this can be easily > addressed by just stating the requirement in this document. Perhaps something > along these lines at the end of the first paragraph in the security > consideration section: > > "Additional or missing records resulting from retrieval and/or validation > errors can lead to the same problems." > > The following was just a discussion on how RPs can mitigate these problems. > But.. perhaps this is better addressed in a separate BCP, or future work on > specifications related to the repository and retrieval/validation by RPs. > > If the WG can agree with this then I can support last call.. I do not agree this is a "security" issue. I am guessing you meant permanent/eventual inconsistencies between the local and global repositories (since transient inconsistencies will always be there). That kind of inconsistency is most certainly a (protocol) implementation error and has to be dealt with at that layer. - Pradosh _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
