plea for comcast/sprint handoff debug help

• Previous message (by thread): RPKI over RSYNC vs RRDP (Was: plea for comcast/sprint handoff debug help)
• Next message (by thread): plea for comcast/sprint handoff debug help
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Oct 29, 2020 at 09:14:16PM +0100, Alex Band wrote:
> In fact, we argue that it's actually a bad idea to do so:
> 
> https://blog.nlnetlabs.nl/why-routinator-doesnt-fall-back-to-rsync/
>
> We're interested to hear views on this from both an operational and
> security perspective.

I don't see a compelling reason to not use rsync when RRDP is
unavailable.

Quoting from the blog post:

    "While this isn’t threatening the integrity of the RPKI – all data
    is cryptographically signed making it really difficult to forge data
    – it is possible to withhold information or replay old data."

RRDP does not solve the issue of withholding data or replaying old data.
The RRDP protocol /also/ is unauthenticated, just like rsync. The RRDP
protocol basically is rsync wrapped in XML over HTTPS.

Withholding of information is detected through verification of RPKI
manifests (something Routinator didn't verify up until last week!),
and replaying of old data is addressed by checking validity dates and
CRLs (something Routinator also didn't do until last week!).

Of course I see advantages to this industry mainly using RRDP, but those
are not security advantages. The big migration towards RRDP can happen
somewhere in the next few years.

The arguments brought forward in the blog post don't make sense to me.
The '150,000' number in the blog post seems a number pulled from thin
air.

Regards,

Job

• Previous message (by thread): RPKI over RSYNC vs RRDP (Was: plea for comcast/sprint handoff debug help)
• Next message (by thread): plea for comcast/sprint handoff debug help
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]