nanog mailing list archives
Re: plea for comcast/sprint handoff debug help
From: Job Snijders <job () ntt net>
Date: Fri, 30 Oct 2020 10:06:05 +0000
On Thu, Oct 29, 2020 at 09:14:16PM +0100, Alex Band wrote:
> In fact, we argue that it's actually a bad idea to do so:
> https://blog.nlnetlabs.nl/why-routinator-doesnt-fall-back-to-rsync/
> We're interested to hear views on this from both an operational and
> security perspective.
I don't see a compelling reason to not use rsync when RRDP is
unavailable.
Quoting from the blog post:
"While this isn’t threatening the integrity of the RPKI – all data
is cryptographically signed making it really difficult to forge data
– it is possible to withhold information or replay old data."
RRDP does not solve the issue of withholding data or replaying old data.
The RRDP protocol /also/ is unauthenticated, just like rsync. The RRDP
protocol basically is rsync wrapped in XML over HTTPS.
Withholding of information is detected through verification of RPKI
manifests (something Routinator didn't verify up until last week!),
and replaying of old data is addressed by checking validity dates and
CRLs (something Routinator also didn't do until last week!).
Of course I see advantages to this industry mainly using RRDP, but those
are not security advantages. The big migration towards RRDP can happen
somewhere in the next few years.
The arguments brought forward in the blog post don't make sense to me.
The '150,000' number in the blog post seems a number pulled from thin
air.
Regards,
Job
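The checks Job describes above (manifest verification against withholding, validity dates and CRLs against replay) are object-level checks that a relying party performs on the fetched data regardless of whether it arrived over rsync or RRDP. The following is an added example, not code from this thread and not Routinator's or any other relying-party implementation: it models a publication point as plain Python dicts and assumes the CMS signature checks on the manifest and CRL have already passed. Real manifests and CRLs are ASN.1 signed objects (RFC 9286, RFC 5280); the field names, the constructed object bytes, the serial numbers and the timestamps here are all assumptions made up for the example.

```python
"""Simplified relying-party checks for one RPKI publication point.

Added example. Manifests and CRLs are modelled as dataclasses instead of
CMS/ASN.1 objects; signature validation is assumed to have been done already.
"""
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass
class Manifest:
    manifest_number: int          # must not go backwards for a given CA
    this_update: datetime
    next_update: datetime
    file_list: dict               # file name -> expected SHA-256 hex digest
    ee_serial: int                # serial of the manifest's EE certificate


@dataclass
class CRL:
    next_update: datetime
    revoked_serials: set


@dataclass
class RepoState:
    files: dict                   # file name -> bytes as delivered by rsync/RRDP
    last_accepted_number: int     # highest manifest number accepted so far


def validate_publication_point(mft, crl, repo, now):
    """Return a list of problems; an empty list means the fetch is accepted."""
    problems = []

    # Replay: an older manifest than one we already accepted is stale data,
    # even if it is complete and correctly signed.
    if mft.manifest_number < repo.last_accepted_number:
        problems.append(f"replay: manifest number {mft.manifest_number} "
                        f"< last accepted {repo.last_accepted_number}")

    # Validity window of the manifest itself.
    if now < mft.this_update:
        problems.append("manifest thisUpdate is in the future")
    if now > mft.next_update:
        problems.append(f"stale: manifest nextUpdate {mft.next_update:%Y-%m-%d} passed")

    # CRL freshness and revocation status of the manifest's EE certificate.
    if now > crl.next_update:
        problems.append(f"stale: CRL nextUpdate {crl.next_update:%Y-%m-%d} passed")
    if mft.ee_serial in crl.revoked_serials:
        problems.append(f"manifest EE certificate serial {mft.ee_serial} is revoked")

    # Withholding: every object listed on the manifest must be present and
    # hash to the listed digest. A transport that silently drops a ROA is
    # caught here, whichever protocol delivered the files.
    for name, expected in mft.file_list.items():
        data = repo.files.get(name)
        if data is None:
            problems.append(f"withheld: {name} listed on manifest but not delivered")
            continue
        if hashlib.sha256(data).hexdigest() != expected:
            problems.append(f"hash mismatch: {name} does not match manifest entry")
    return problems


# Constructed sample data (not real RPKI objects).
NOW = datetime(2020, 10, 30, 10, 0, tzinfo=timezone.utc)
ROA_A = b"constructed ROA object for AS64496"
ROA_B = b"constructed ROA object for AS64497"
CRL_BYTES = b"constructed CRL bytes"


def _digest(b):
    return hashlib.sha256(b).hexdigest()


def good_manifest():
    return Manifest(42, NOW - timedelta(hours=1), NOW + timedelta(hours=23),
                    {"a.roa": _digest(ROA_A), "b.roa": _digest(ROA_B),
                     "ca.crl": _digest(CRL_BYTES)}, ee_serial=1001)


def good_crl():
    return CRL(next_update=NOW + timedelta(days=1), revoked_serials={900})


def good_repo():
    return RepoState({"a.roa": ROA_A, "b.roa": ROA_B, "ca.crl": CRL_BYTES},
                     last_accepted_number=41)


def run_scenarios(now=NOW):
    """Run the checks over four constructed fetches; returns name -> problems."""
    results = {"complete": validate_publication_point(good_manifest(), good_crl(),
                                                      good_repo(), now)}
    withheld = good_repo()
    del withheld.files["b.roa"]           # one ROA dropped in transit
    results["withheld"] = validate_publication_point(good_manifest(), good_crl(),
                                                     withheld, now)
    old = good_manifest()
    old.manifest_number = 40              # an earlier manifest served again
    results["replay"] = validate_publication_point(old, good_crl(), good_repo(), now)
    results["stale"] = validate_publication_point(good_manifest(), good_crl(),
                                                  good_repo(), now + timedelta(days=2))
    return results


if __name__ == "__main__":
    for name, probs in run_scenarios().items():
        print(name, "->", probs or "accepted")
```

None of these checks depend on the transport: a mirror reachable only over HTTPS can still serve a complete but outdated snapshot, and a broken rsync or RRDP fetch can still drop a file, which is why the manifest, validity-window and CRL checks are what actually detect withheld or replayed data.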
Current thread:
- plea for comcast/sprint handoff debug help Randy Bush (Oct 28)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 28)
- Re: plea for comcast/sprint handoff debug help Lukas Tribus (Oct 28)
- Re: plea for comcast/sprint handoff debug help Alex Band (Oct 29)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 29)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 29)
- Re: plea for comcast/sprint handoff debug help Alex Band (Oct 30)
- Re: plea for comcast/sprint handoff debug help Tom Beecher (Oct 30)
- RPKI over RSYNC vs RRDP (Was: plea for comcast/sprint handoff debug help) Job Snijders (Oct 30)
- Re: plea for comcast/sprint handoff debug help Job Snijders (Oct 30)
- Re: plea for comcast/sprint handoff debug help Tim Bruijnzeels (Oct 30)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 30)
- Re: plea for comcast/sprint handoff debug help Tony Tauber (Oct 30)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 31)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 31)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 28)
- Re: plea for comcast/sprint handoff debug help Alex Band (Oct 31)
- Re: plea for comcast/sprint handoff debug help Randy Bush (Oct 31)
