Mailing List Archive

From:: Job Snijders <job@bsd.nl>
Subject:: Re: rpki-client: limit the filename length in Manifest listings to something reasonable
To:: Theo de Raadt <deraadt@openbsd.org>
Cc:: tech@openbsd.org
Date:: Wed, 13 May 2026 16:35:28 +0000

Download raw body.

Thread

- 2026-05-13 15:13 Job Snijders:
  rpki-client: limit the filename length in Manifest listings to something reasonable
- - 2026-05-13 15:56 Theo de Raadt:
    rpki-client: limit the filename length in Manifest listings to something reasonable
  - - 2026-05-13 16:35 Job Snijders:
      rpki-client: limit the filename length in Manifest listings to something reasonable

2026-05-14 08:32 Theo Buehler:

rpki-client: limit the filename length in Manifest listings to something reasonable

On Wed, May 13, 2026 at 09:56:01AM -0600, Theo de Raadt wrote:
> Job Snijders <job@bsd.nl> wrote:
> 
> > We could, but then instead of 1 smalL CA that would put all 55,000 CAs
> > in non-compliance. Your suggestion seems unproductive.
> 
> Is using a full pathhame non-compliant?

Define full? 255?

The relevant RFC allows multi-megabyte strings as names for RPKI
objects.

Kind regards,

Job

- 2026-05-13 15:13 Job Snijders:
  rpki-client: limit the filename length in Manifest listings to something reasonable
- - 2026-05-13 15:56 Theo de Raadt:
    rpki-client: limit the filename length in Manifest listings to something reasonable
  - - 2026-05-13 16:35 Job Snijders:
      rpki-client: limit the filename length in Manifest listings to something reasonable

2026-05-14 08:32 Theo Buehler:

rpki-client: limit the filename length in Manifest listings to something reasonable