>From: sidr [mailto:[email protected]] On Behalf Of Demian Rosenkranz > >Correct, Im talking about really short lifetimes for ROAs (EE certificates). >The >RP software would be forced to cryptographically checks the objects again >and again over short intervals. >But long lifetimes for ROAs (EE certificates) mean at least bigger CRLs. >This would be one benefit of short lifetimes. >
Even if about a few hundred origination-change events occur in a year that require ROA-EE-certificate rollover, you are dealing with an increase of merely just that many additional entries in the CRL (with the long-lifetime ROAs and revocation approach). If instead short lifetimes are used, then 500,000 certs and ROAs would be propagated in the RPKI system periodically in each of those short intervals. The latter seems to be a much bigger price to pay. But if you can provide further analysis and insight in your thesis, it would be very welcome. We discussed and quantified these types choices and trade-offs earlier not in the context of ROA (EE cert) lifetimes, but in the context of AS or router key rollover mechanisms to mitigate BGPSEC update replay attacks. Please see: http://tools.ietf.org/html/draft-sriram-replay-protection-design-discussion-02 http://www.ietf.org/proceedings/85/slides/slides-85-sidr-4.pdf http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-rollover-02 Sriram _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
