% $Id$
%
\documentclass[11pt]{article}
\usepackage[pdftex]{graphicx}
\usepackage{palatino}
\usepackage{color}
\DeclareGraphicsExtensions{.pdf}
\setlength{\topmargin}{0in}
\setlength{\headheight}{0in}
\setlength{\headsep}{0in}
\setlength{\oddsidemargin}{0in}
\setlength{\evensidemargin}{0in}
\setlength{\textheight}{9in}
\setlength{\textwidth}{6.5in}
\setlength{\parskip}{2ex}
\setlength{\parindent}{0in}
\hyphenpenalty=5000
\tolerance=1000
\hbadness=9999
\sloppy
\pagestyle{plain}
%
\begin{document}

\section*{Implementation experience with the two BPKI models}

Having recently converted my code base to the single-trust-anchor model
Russ recommended, I thought it might be useful to share what I've
learned.  This may not apply to all implementations, but it does apply
to mine, and given what I understand of RIPE's business model, it will
probably apply to RIPE's implementation as well.

In spite of a strong desire to do so, I was not able to use exactly the
same BPKI keys and certificates for HTTPS and CMS.  The reason for this
is simple: each hosted entity in my engine has its own BPKI, as does
the hosting entity, but the HTTPS listener is shared.  The only ways I
know of to avoid this would be to use separate listeners for each
hosted entity, which scales poorly, or to rely on the TLS ``Server Name
Indication'' extension (RFC 4366, section 3.1), which is not yet widely
implemented.

\begin{figure}[hbp]
\includegraphics[width = 6.5in]{bpki-symmetric}
\caption{Symmetric BPKI model}
\label{bpki-symmetric}
\end{figure}

Figure \ref{bpki-symmetric} shows my engine's view of the BPKI tree in
the symmetric model.  Black objects belong to the hosting entity, blue
objects belong to the hosted entities, red objects are cross-certified
objects from peers.  The arrows indicate certificate issuance: solid
arrows are the ones that my own RPKI engine will care about during
certificate validation, dotted arrows show the origin of EE
certificates my engine uses to sign things.

``BSC'' stands for ``business signing context,'' which is a database
object in my implementation representing the context needed to sign a
CMS message or TLS session.

Other than the above-mentioned annoyance with the HTTPS server
certificate, the ``symmetric'' BPKI model worked out pretty much as
expected here.  The certificate tree looks complicated, but the set of
certificates needed to build a particular validation chain is obvious,
again excepting the HTTPS server case, where the client certificate is
the first hint that the engine has of the client's identity, so the
server must be prepared to accept any current client certificate.

\begin{figure}[hbp]
\includegraphics[width = 6.5in]{bpki-asymmetric}
\caption{Asymmetric BPKI model}
\label{bpki-asymmetric}
\end{figure}

Figure \ref{bpki-asymmetric} shows my engine's view of the BPKI tree in
the asymmetric model.  Note that not much has changed here from the
symmetric case.  As far as I can tell, the asymmetric model is just as
complex for my engine as the symmetric model; the only real difference
is that the engine has to keep track of a larger number of BSC EE
certificates in the asymmetric case.
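The shared-listener problem described above, worked through as an added example that is not code from this note or from the RPKI engine it describes: a listener fronting several hosted entities, each with its own BPKI trust anchor, has to build the client's chain against every hosted entity's anchor because the client certificate is the first hint of who is calling. The \texttt{Cert} and \texttt{BPKI} records are constructed stand-ins for X.509 objects so the chain walk runs offline, the entity and certificate names are hypothetical, and the two-phase split (accept at the TLS layer under any current anchor, then authorize under the one hosted entity the request names, assumed here to come from the request URL) is this example's own design, not a description of the engine.

```python
"""Client-certificate dispatch for a shared HTTPS listener fronting several
hosted entities, each with its own BPKI trust anchor.

Added example, not code from the rpki.net engine or from the note above.
Cert/BPKI are constructed stand-ins for X.509 objects; the TLS-accept /
authorize split is this example's own assumption about structuring the check.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Cert:
    """Only the fields chain building needs: names, validity window, CA flag."""
    subject: str
    issuer: str
    not_before: datetime
    not_after: datetime
    is_ca: bool = False

    def current(self, now):
        return self.not_before <= now < self.not_after


@dataclass
class BPKI:
    """One hosted entity's business PKI: its self-signed trust anchor plus every
    CA certificate it has issued, including cross-certificates of peer CAs."""
    entity: str
    trust_anchor: Cert
    issued_cas: dict  # subject name -> CA Cert issued under this anchor


def build_chain(ee, bpki, now, max_depth=8):
    """Walk issuer links from ee up to bpki.trust_anchor.

    Returns [ee, ..., anchor] or None.  Every certificate on the path must be
    current, every non-leaf must be a CA, and the walk is bounded so a cycle
    of cross-certificates cannot loop forever."""
    if not ee.current(now):
        return None
    chain, cert = [ee], ee
    for _ in range(max_depth):
        if cert.issuer == bpki.trust_anchor.subject:
            anchor = bpki.trust_anchor
            return chain + [anchor] if anchor.is_ca and anchor.current(now) else None
        parent = bpki.issued_cas.get(cert.issuer)
        if parent is None or not parent.is_ca or not parent.current(now):
            return None
        chain.append(parent)
        cert = parent
    return None


def tls_accept(client_ee, bpkis, now):
    """TLS-layer check on the shared listener.  The listener cannot know in
    advance which hosted entity's BPKI applies, so it accepts a certificate
    that validates under any of them and reports which.  Several matches are
    possible when a peer has been cross-certified by more than one entity."""
    return [b.entity for b in bpkis if build_chain(client_ee, b, now) is not None]


def authorize(client_ee, bpkis, entity, now):
    """Application-layer check once the request names a hosted entity (assumed
    to come from the request URL).  The same certificate must validate under
    that entity's BPKI; validating under some other hosted entity's is not enough."""
    for b in bpkis:
        if b.entity == entity:
            return build_chain(client_ee, b, now) is not None
    return False


# Constructed sample BPKI tree; hypothetical names, not from the figures.
T0 = datetime(2008, 1, 1, tzinfo=timezone.utc)
NOW = T0 + timedelta(days=30)


def make_cert(subject, issuer, days=365, is_ca=False):
    return Cert(subject, issuer, T0, T0 + timedelta(days=days), is_ca)


# Hosted entities alice and carol both cross-certify peer bob's trust-anchor
# key (red objects); hosted entity dave has no relationship with bob.
ALICE = BPKI("alice", make_cert("alice-TA", "alice-TA", is_ca=True),
             {"bob-TA": make_cert("bob-TA", "alice-TA", is_ca=True)})
CAROL = BPKI("carol", make_cert("carol-TA", "carol-TA", is_ca=True),
             {"bob-TA": make_cert("bob-TA", "carol-TA", is_ca=True)})
DAVE = BPKI("dave", make_cert("dave-TA", "dave-TA", is_ca=True), {})
HOSTED = [ALICE, CAROL, DAVE]

# bob's BSC EE certificate, issued directly under bob's own trust-anchor key,
# an earlier one that has already expired, and an EE from an unknown party.
BOB_EE = make_cert("bob-BSC-EE", "bob-TA", days=60)
BOB_EE_EXPIRED = make_cert("bob-BSC-EE-old", "bob-TA", days=10)
MALLORY_EE = make_cert("mallory-EE", "mallory-TA", days=60)

if __name__ == "__main__":
    print("TLS accepts bob under:", tls_accept(BOB_EE, HOSTED, NOW))
    print("bob may act toward alice:", authorize(BOB_EE, HOSTED, "alice", NOW))
    print("bob may act toward dave:", authorize(BOB_EE, HOSTED, "dave", NOW))
    print("expired bob accepted under:", tls_accept(BOB_EE_EXPIRED, HOSTED, NOW))
    print("mallory accepted under:", tls_accept(MALLORY_EE, HOSTED, NOW))
```

The point of the second phase is that passing the TLS handshake only establishes that the caller holds a current certificate under some hosted entity's BPKI; without the per-request check, a peer cross-certified by alice could present the same BSC EE certificate on a request addressed to dave, who never certified it.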
\end{document}

/* crypto/buffer/buf_err.c */
/* ====================================================================
 * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

/* NOTE: this file was auto generated by the mkerr.pl script: any changes
 * made to it will be overwritten when the script next updates this file,
 * only reason strings will be preserved.
 */

#include <stdio.h>
#include <openssl/err.h>
#include <openssl/buffer.h>

/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR

#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)

static ERR_STRING_DATA BUF_str_functs[]=
	{
{ERR_FUNC(BUF_F_BUF_MEMDUP),	"BUF_memdup"},
{ERR_FUNC(BUF_F_BUF_MEM_GROW),	"BUF_MEM_grow"},
{ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN),	"BUF_MEM_grow_clean"},
{ERR_FUNC(BUF_F_BUF_MEM_NEW),	"BUF_MEM_new"},
{ERR_FUNC(BUF_F_BUF_STRDUP),	"BUF_strdup"},
{ERR_FUNC(BUF_F_BUF_STRNDUP),	"BUF_strndup"},
{0,NULL}
	};

static ERR_STRING_DATA BUF_str_reasons[]=
	{
{0,NULL}
	};

#endif

void ERR_load_BUF_strings(void)
	{
	static int init=1;

	if (init)
		{
		init=0;
#ifndef OPENSSL_NO_ERR
		ERR_load_strings(0,BUF_str_functs);
		ERR_load_strings(0,BUF_str_reasons);
#endif

		}
	}