On Apr 04, 2014, at 15:47, Geoff Huston g...@apnic.net wrote:
The authors of RFC 6487 can speak for themselves, but I think their
intent was to avoid requests for vanity names (CN=Joe's Pizza
instead of CN=4DF2D88957372FF9FDA05C70F2D9E8BA334CFF89), which could
be construed as eroding claims
On Mon, May 5, 2014 at 12:10 PM, Roque Gagliano (rogaglia)
rogag...@cisco.com wrote:
Sandra,
I support this document moving forward to the IESG.
I read the document as part of the WGLC process and I believe the text is
ready for publication.
My only question is a formality from Section 3
Would it make sense to have the name that goes in the router
certificate then be something like “ROUTER-#-32_bit_BGP_Identifier”
where the # gets incremented everytime there’s a new key? For those
that love hard coded lengths this might be an issue if the # grows,
but is that the only
On May 12, 2014, at 16:03, Randy Bush ra...@psg.com wrote:
Would it make sense to have the name that goes in the router
certificate then be something like “ROUTER-#-32_bit_BGP_Identifier”
where the # gets incremented everytime there’s a new key? For those
that love hard coded lengths this
Wes,
Randy and I bashed some text around; would this work:
When it is decided that an active router key is to be revoked, the
process of requesting the CA to revoke, the process of the CA
actually revoking the router’s certificate, and then the process of
rekeying/renewing the router’s