Document: draft-ietf-sidrops-manifest-numbers Title: Resource Public Key Infrastructure (RPKI) Manifest Number Handling Reviewer: Daniele Ceccarelli Review result: Ready Hello, i'm the OPD-DIR reviewer assigned to this draft. The draft is very simple and straight forward. From an operational security standpoint, this draft addresses a problem extremely unlikely to happen. While extremely unlikely under normal conditions, bugs or automated errors could trigger manifest number collapse. With well-defined issuer and RP behavior, this draft equips networks to survive such events gracefully. My only doubt that the authors could try to solve is: if a bug causes the increment of the manifest Number till or close to the highest possible number, how does the issues realize about that and change the manifest name as described in the draft? I suppose there is a check on the issuing side, but if the bug is introduced post check? If you tell me there is, i trust it. Minor comments: - Section 1: "Manifests include a "manifest number" (manifestNumber), which an issuer must increment by one whenever it issues a new manifest." I would say "whenever a new version of the manifest is issued" ? Or it is incremented any time a new manifest is generated? - Section 1: " 23,171,956,451,847,141,650,870 quintillion years" a appreciate the precision of the computation :D Thanks Daniele -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
