randy/draft-rpki-has-no-identity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

scudder comments

Browse source
This commit is contained in:
Randy Bush 2022-04-18 20:55:34 -07:00
parent 98e4f12efe
commit 993d7dae5c
1 changed files with 12 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

34
draft-ietf-sidrops-rpki-has-no-identity.xml
View file

@ -50,8 +50,8 @@
<t>There is a false notion that Internet Number Resources (INRs) in <t>There is a false notion that Internet Number Resources (INRs) in
the RPKI can be associated with the real-world identity of the the RPKI can be associated with the real-world identity of the
'holder' of an INR. This document attempts to make clear that 'holder' of an INR. This document specifies that RPKI does not
notion is incorrect.</t> associate to the INR holder.</t>
</abstract> </abstract>
@ -104,8 +104,8 @@
Resource Public Key Infrastructure, not for "Identity". In fact, Resource Public Key Infrastructure, not for "Identity". In fact,
the RPKI does not provide any association between INRs and the real the RPKI does not provide any association between INRs and the real
world holder(s) of those INRs. The RPKI provides authorization to world holder(s) of those INRs. The RPKI provides authorization to
make assertions only regarding named IP address blocks, AS numbers, make assertions only regarding Internet Number Resources, such as IP
etc.</t> prefixes or AS numbers, and data such as ASPA records.</t>
<t>In short, avoid the desire to use RPKI certificates for any <t>In short, avoid the desire to use RPKI certificates for any
purpose other than the verification of authorizations associated purpose other than the verification of authorizations associated
@ -126,30 +126,20 @@
<t>That the RPKI does not authenticate real-world identity is by <t>That the RPKI does not authenticate real-world identity is by
design. If it tried to do so, aside from the liability, it would design. If it tried to do so, aside from the liability, it would
end in a world of complexity with no proof of termination, as X.400 end in a world of complexity with no proof of termination.</t>
learned.</t>
<t>Registries such as the Regional Internet Registries (RIRs) <t>Registries such as the Regional Internet Registries (RIRs)
provide INR to real-world identity mapping through WHOIS, <xref provide INR to real-world identity mapping through WHOIS, <xref
target="RFC3912"/>, and similar services. They claim to be target="RFC3912"/>, and similar services. They claim to be
authoritative, at least for the INRs which they allocate.</t> authoritative, at least for the INRs which they allocate.</t>
<t>PKI operations MUST NOT be performed with RPKI certificates other
than exactly as described, and for the purposes described, in <xref
target="RFC6480"/>. That is, RPKI-based credentials of INRs MUST
NOT be used to authenticate real-world documents or transactions
without some formal external authentication of the INR and the
authority for the actually anonymous INR holder to authenticate the
particular document or transaction.</t>
<t>I.e., RPKI-based credentials of INRs MUST NOT be used to <t>That is, RPKI-based credentials of INRs MUST NOT be used to
authenticate real-world documents or transactions without some authenticate real-world documents or transactions. That might be
formal external authentication of the INR and the authority for the done with some formal external authentication of authority for an
actually anonymous INR holder to authenticate the particular otherwise anonymous INR holder to authenticate the particular
document or transaction.</t> document or transaction. Given such external, i.e. non-RPKI,
verification of authority, the use of RPKI-based credentials seems
<t>Given sufficient external, i.e. non-RPKI, verification of superfluous.</t>
authority, the use of RPKI-based credentials seems superfluous.</t>
</section> </section>