Re: [sidr] GOST & SIDR

To: Randy Bush <randy at psg.com>
Subject: Re: [sidr] GOST & SIDR
From: Samuel Weiler <weiler+lists.sidr at watson.org>
Date: Mon, 20 Apr 2009 17:55:50 -0400 (EDT)
Cc: sidr at ietf.org
Delivered-to: sidr at core3.amsl.com
In-reply-to: <m2ocuwtdgi.wl%randy at psg.com>
List-archive: <http://www.ietf.org/mail-archive/web/sidr>
List-help: <mailto:sidr-request@ietf.org?subject=help>
List-id: Secure Interdomain Routing <sidr.ietf.org>
List-post: <mailto:sidr@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
References: <D556D856-C2C3-4D60-BD8C-472619375DFB at tcb.net> <49DA347E.8010801 at burkov.aha.ru> <alpine.BSF.2.00.0904161158110.27241 at fledge.watson.org> <m2ocuwtdgi.wl%randy at psg.com>
User-agent: Alpine 2.00 (BSF 1167 2008-08-23)

On Fri, 17 Apr 2009, Randy Bush wrote:

And is there any reason why algorithm agility won't just work?


how do you capability negotiate with a cert?  i understand how to do it
with a protocol peer, but not a static object.


I'm not suggesting negotiation.

I'm asking "will RPKI partcipants who want to use algorithms differentfrom the norm and/or their parents be able to do so without any badeffects"? Using strange algorithms may well mean that most relyingparties can't verify the certificates, but that's to be expected.

i suppose with enough complexity, ...  but this is one of those time i
think there is a version number in the protocol.

So long as "version number" isn't a synonym for "flag day", there'snothing wrong with having one. But we already have algorithmidentifiers in the certs. Are those enough?


-- Sam

Follow-Ups:
- Re: [sidr] GOST & SIDR
  - From: Randy Bush

References:
- [sidr] GOST & SIDR
  - From: Danny McPherson
- Re: [sidr] GOST & SIDR
  - From: Dmitry Burkov
- Re: [sidr] GOST & SIDR
  - From: Samuel Weiler
- Re: [sidr] GOST & SIDR
  - From: Randy Bush

Prev by Date: Re: [sidr] GOST & SIDR
Next by Date: Re: [sidr] GOST & SIDR
Previous by thread: Re: [sidr] GOST & SIDR
Next by thread: Re: [sidr] GOST & SIDR
Index(es):
- Date
- Thread

Re: [sidr] GOST & SIDR

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.