Great. Thanks for the quick reply and confirming my suspicion.
On 2/17/2015 5:14 PM, Andy Newton wrote:
From: Andrew Gallo <[email protected]<mailto:[email protected]>> Date: Tuesday, February 17, 2015 at 4:31 PM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: [arin-tech-discuss] Sanity check on hosted RPKI private key To be clear, the key pair that I'm generating in this step is simply to validate the communication of my ROA request, correct? The private key that is used to sign the ROA itself is never seen nor accessed by the org using the hosted model, correct? Andrew, That is correct. The keypair for Hosted RPKI is for integrity and non-repudiation between you and ARIN. But the keys used in the ROAs and Resource Certificates are different and can only be used for signing by our HSMs. Andy Newton, Chief Engineer, ARIN
_______________________________________________ arin-tech-discuss mailing list [email protected] http://lists.arin.net/mailman/listinfo/arin-tech-discuss
