ydahhrk
commented
1 year ago Fort 1.6.0 has been released; closing.
Closed ydahhrk closed 1 year ago
ydahhrk
commented
1 year ago Fort 1.6.0 has been released; closing.
This is the original problem.
In summary, RRDP files (snapshots and deltas) declare URIs for their contained files (RPKI objects), and there's nothing in the standard preventing a malicious CA's RRDP file from declaring a URI that will cause the validator to override some other CA's RPKI object. So the RP needs to create per-RPP namespaces.
Fort's namespaces ("workspaces") are TAL-scoped. This prevents RPPs from different trees from overriding each other, but not RPPs from the same tree.
Branch rrdp-refactor has a WIP of this bug.