Algorithm Agility Procedure for the Resource Public Key Infrastructure (RPKI)
draft-ietf-sidr-algorithm-agility-12

IANA has reviewed draft-ietf-sidr-algorithm-agility-11, which is
currently in Last Call, and has the following comments:

We understand that, upon approval of this document, there are no IANA
Actions that need completion.

The following Last Call announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Subject: Last Call:  (Algorithm Agility Procedure for RPKI.) to Best Current Practice


The IESG has received a request from the Secure Inter-Domain Routing WG
(sidr) to consider the following document:
- 'Algorithm Agility Procedure for RPKI.'
  as Best Current Practice

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2013-02-07. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract

  This document specifies the process that Certification Authorities
  (CAs) and Relying Parties (RPs) participating in the Resource Public
  Key Infrastructure (RPKI) will need to follow to transition to a new
  (and probably cryptographically stronger) algorithm set.  The process
  is expected to be completed in a time scale of several years.
  Consequently, no emergency transition is specified.  The transition
  procedure defined in this document supports only a top-down migration
  (parent migrates before children).

The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-sidr-algorithm-agility/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-sidr-algorithm-agility/ballot/


No IPR declarations have been submitted directly on this I-D.

This draft was previously last called with an intended status of
Proposed Standard. The purpose of this last call is to determine
if there is IETF consensus to publish this draft as a BCP.

[Ballot comment]
I concur that this document ought to be a BCP.

The use of 2119 in this document tickles me, and for weird reasons I think most of it is OK. The IETF procedural MUSTs (like updating documents) I find a bit goofy, but I find the steps like "CAs MUST have reissued all of their signed product sets" to be rather interoperability oriented, albeit about the interoperation of things at an operational level where the endpoints of the "protocol" are humans and organizations. (If you don't do some of these things, interoperability does seem to fail.) Although I agree with Stephen that most of these MUSTs are unnecessary, and I certainly think they're weird, they don't violate my sensibilities. I will use this document as an interesting example in  an upcoming discussion we're going to have at the WG Chairs lunch.

[Ballot comment]
I have downgraded my Discuss to a Comment after useful input from Stephen Farrell.

As Stephen Kent points out, the Abstract contains suitable language that scopes the document to CAs participating in the RPKI. Making a similar statement in the Introduction would be helpful.

I continue to feel that the IETF is not in a position to dictate how the RPKI will be run, but I agree that the IETF can dcument the process it believes should be run. I should be happier if the document took a tone more consistent with guidance than with requirement.

[Ballot comment]

This isn't a DISCUSS, since I assume the IETF has to keep the
ability to ignore process rules such as the ones embedded in
this draft when the need arises, and those rules turn out to
be problematic. I think you could lose all the process MUSTs
if you wanted to, and the idea of the timeline as an RFC, but
I don't object to you having them since if they become badly
problematic, that'll have to be sensibly handled at the time
of a real transition. Put another way - this plan for the
future assumes our current processes remain in place, which
seems fragile to me.

Overall, I think this would be better re-written as "here's
our best idea for a plan for this transition" and doing so is
good whilst the SIDR WG are active, but I would not expect
this to be interpreted as other than guidance once a few
years have passed and some part(s) of our proceses have
changed and the reality of operating the RPKI demonstrates
that this document got a couple of details wrong.

Another alternative might be to call for a "phase 0.9999..."
where this RFC MUST be updated as a BCP just before phase 1,
but that might be too self-referential:-)

All that makes me sympathetic to Adrian's discuss but not
supportive of blocking the document on that basis.

- Section 2 says that 6485 "MUST be updated," but that the CP
policy OID will not change. This assumes that RFC meta-data
relationships do not change.

- The transition timeline as a BCP depends on the concept of
BCP being roughly the same. It could be that a document like
that would not be considered a sensible BCP by then.

- What happens if the dates set out as goals in the
transition timeline document slip? What happens if they slip
by less than the time it takes to update the transition
timeline document? Saying "MUST be re-issued" doesn't seem so
good a plan to me.

- "Suite B" seems like an unfortunate name for an example as
its a term of art that exists in this space but is different.

- 4.5 requires action from "every CA" which also seems
fragile. What if some CA ignores this? What if that one is
too big to fail?

- 4.7 - what if this date slips signicantly? Are you calling
for the timeline to be re-issued?

[Ballot discuss]

  Should this document be a BCP?  Many MUST statements are actions to
  be taken by the IETF or others that implement IETF specifications.

[Ballot discuss]
I was all set to ballot Yes on this document, but ran into something
that surprised me a lot.

  For each algorithm transition, an additional document (the algorithm
  transition timetable) MUST be published (as an IETF BCP) to define
  the dates for each milestone defined in this document.

I was not aware that the IETF was in any position to dictate a timetable
for deployment of function in the Internet. I wish I had known this,
because it would certainly have been a way to get IPv6 deployed.

Seriously, what possible impact would such a timetable document have on
an environment that is not required to deploy or use RPKI? Such a
timetable may be something that the IETF can advise on, but any
agreement to implement is surely between the deployers, and is outside
the scope of the IETF.

Very much in the same light, the use of RFC 2119 language in this
document appears to constrain CAs and RPs. But I don't think the IETF
can do that. What we can do is constrain CAs and RPs that wish to
conform to the processes described in this document.

To clear this Discuss I will need to be convinced by someone (the
shepherding AD?) that such a future document and constraints are in
scope, and that the WG is not hoping to become some kind of regulatory
body. Alternatively, it may be possible to update the text to soften the
purpose and clarify what the IETF is saying.

[Ballot comment]
Pedant alert!
Section 2
  The RPKI must accommodate transitions between the public keys used by
  CAs.  Transitions of this sort are usually termed "key rollover".
  Planned key rollover will occur at regular intervals throughout the
  life of the RPKI, as each CA changes its public keys, in a non-
  coordinated fashion.
It seems to me unlikely that the rollover will be "at regular intervals"

---

The two idnit issues could be fied if the document is opened for further
edits.

IANA has reviewed draft-ietf-sidr-algorithm-agility-08, which is currently in Last Call, and has the following comments:

IANA understands that, upon approval of this document, there are no
IANA Actions that need completion.

The following Last Call announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Subject: Last Call:  (Algorithm Agility Procedure for RPKI.) to Proposed Standard


The IESG has received a request from the Secure Inter-Domain Routing WG
(sidr) to consider the following document:
- 'Algorithm Agility Procedure for RPKI.'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2012-12-14. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  This document specifies the process that Certification Authorities
  (CAs) and Relying Parties (RPs) participating in the Resource Public
  Key Infrastructure (RPKI) will need to follow to transition to a new
  (and probably cryptographically stronger) algorithm set.  The process
  is expected to be completed in a time scale of months or years.
  Consequently, no emergency transition is specified.  The transition
  procedure defined in this document supports only a top-down migration
  (parent migrates before children).




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-sidr-algorithm-agility/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-sidr-algorithm-agility/ballot/


No IPR declarations have been submitted directly on this I-D.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)? Why
is this the proper type of RFC? Is this type of RFC indicated in the
title page header?


This document is targeted to become a Proposed Standard. I think this is
approprite because it specifies RFC 2119 type requirements on deployments,
as well as requirements on documents that will document dates for different
phases of an algorithm migration event.


(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

Relevant content can frequently be found in the abstract
and/or introduction of the document. If not, this may be
an indication that there are deficiencies in the abstract
or introduction.

This document specifies the process that Certification Authorities
(CAs) and Relying Parties (RPs) participating in the Resource Public
Key Infrastructure (RPKI) will need to follow to transition to a new
(and probably cryptographically stronger) algorithm set. The process
is expected to be completed in a time scale of months or years.
Consequently, no emergency transition is specified. The transition
procedure defined in this document supports only a top-down migration
(parent migrates before children).

Working Group Summary

Was there anything in WG process that is worth noting? For
example, was there controversy about particular points or
were there decisions where the consensus was particularly
rough?

During WGLC there was some prolonged discussion on whether IETF is the right
body for publishing a set of milestones for different phases of algorithm
migration and which other entities should be involved (IANA, NROs, etc.).
The issue was discussed and the text was improved in this area.

There was also an extended discussion during WGLC on whether top-down migration
is the right way to do algorithm migration. I think the WG still supports
this approach.


Document Quality

Are there existing implementations of the protocol? Have a
significant number of vendors indicated their plan to
implement the specification? Are there any reviewers that
merit special mention as having done a thorough review,
e.g., one that resulted in important changes or a
conclusion that the document had no substantive issues? If
there was a MIB Doctor, Media Type or other expert review,
what was its course (briefly)? In the case of a Media Type
review, on what date was the request posted?

This document is not specifying a protocol, so there are no implementations.
However considering past history in the Security Area with algorithm
migration in different protocols, such migration event is quite likely,
if RPKI ends up being used for any significant period of time.

Personnel

Who is the Document Shepherd? Who is the Responsible Area
Director?

Alexey Melnikov is the Document Shepherd.
Stewart Bryant is the Responsible Area Director.


(3) Briefly describe the review of this document that was performed by
the Document Shepherd. If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

I performed my usual WG chair review which typically includes:
1) making sure that the document is clear
2) check for missing references and for their type (Normative versa Informative)
3) make sure that the IANA consideration matches the document
4) verify ABNF/XML if any (none in this case)


(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

No.

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

I don't think so. Security Area aspects are certainly covered well by this
document.


(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

No concerns.

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

Each author confirmed that they have no IPR disclosure to make on the document.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

No IPR disclosure was filed on the document.

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it?

The document has solid WG consensus behind it.

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

Some discussions on the mailing list were heated at times, but there was
no threat of appeal stated.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See http://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

Id-nits reports:

** There is 1 instance of too long lines in the document, the longest one
being 23 characters in excess of 72.
== The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
does not include the phrase in its RFC 2119 key words list.

I think both of these can be fixed by RFC Editor.


(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

The document doesn't contain any MIB/media type/URI registration,
so no review of this type is needed.

(13) Have all references within this document been identified as
either normative or informative?

Yes.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

All Normative references are to published RFCs.

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

There are no Down-Refs.

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

No.

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

The document correctly lists no action for IANA.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

This document doesn't create new registries.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.

The document doesn't contain and code in a formal language.