This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[routing-wg] Penetration Test Report for RPKI
- Previous message (by thread): [routing-wg] Penetration Test Report for RPKI
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ties de Kock
tdekock at ripe.net
Mon Dec 27 11:22:55 CET 2021
Hi Job, Randy, > On 21 Dec 2021, at 23:57, Job Snijders via routing-wg <routing-wg at ripe.net> wrote: > > On Tue, Dec 21, 2021 at 01:23:01PM -0800, Randy Bush wrote: >>> We hope you will find these reports useful >> >> very much so. thank you. > > Yes, I'd like to echo what Randy says. Thanks for sharing this. > >> btw, re RIPE-009 - Unencrypted Communication >> >> in the up/down protocol, objects are cms wrapped and hence signed and >> objct authenticated; i.e. i would not panic about transport cia. > > Indeed. But I can imagine that in a world where virtually all > (originally HTTP-only yolo) APIs now have been migrated to HTTPS, any > API which ** by design ** is HTTP-only, would indeed stand out to > pentest researchers. > > I think it is good the testers noticed this aspect, and also good that > RIPE NCC noted in the response "Up-down remains on HTTP and uses a CMS > wrapper for authentication." > > The up/down protocol is somewhat similar in terms of security > considerations to how one can transport signed RPKI data from > Publication Point (repositories) to Relaying Party (validator > instances). In that context too, the use of unencrypted transport (like > RSYNC, or PIGEON) is deemed acceptable because the threat model is based > on a robust interpretation of object-security** to such an extend that > transport-security is inconsequential. I agree with that assessment. Any plaintext endpoint that could use TLS stands out. And in general, that is for a good reason, TLS provides encryption, authentication, and integrity - which are good properties to have. For published RPKI objects, encryption is not needed and the object-security model offers authentication and integrity. >> otoh, i suspect there could be a path to move your delegated CAs to >> TLS; which might be conservative in the long run. > > Would you mind elaborating on what you mean with the phrase "might be > conservative in the long run?". Moving delegated CAs to TLS would protect against currently unknown attacks. It is defence in depth. I would strongly prefer this endpoint to use TLS; there is a story on the RPKI backlog to move the delegated CAs to TLS. Kind regards, Ties — > > Kind regards, > > Job > > ** One crucial corner stone to the concept of 'RPKI object security' is > a thing called "RPKI Manifests". Manifests are an elegant and very > powerful idea in the X.509 universe: the ability to securely group > objects together. All modern validators use manifests: make sure your > validator is updated to the latest version! Read more about what > Manifests are here: > https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-6486bis-09 > This doc is now going through IETF last-call. > > -- > > To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://mailman.ripe.net/
- Previous message (by thread): [routing-wg] Penetration Test Report for RPKI
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]