Re: [OPSAWG] I-D Action: draft-ietf-opsawg-9092-update-03.txt

Thu, 21 Sep 2023 01:24:24 -0700 

Dear all,

The example signature chain still is broken :-/

1/ The Trust Anchor cert still doesn't mark its RFC 3779
   autonomousSysNum extension as critical. RFC 6487 section 4.8.11
   requires this.

2/ The intermediate CA cert lists
   
URI:rsync://rpki.example.net/repository/3ACE2CEF4FB21B7D11E3E184EFC1E297B3778642.crl
   as its CRLDP; but instead must reference
   URI:rsync://rpki.example.net/repository/example-ta.crl
   The intermediate CA is subordinate to the TA, and thus should
   reference the CRL signed by the TA (not the CRL it signed itself).

A possible path forward to incorporate working examples would be to
simply use these new ones I generated for an IPv4 prefix & dumpasn1:

    https://git.rg.net/randy/draft-9092update/pulls/2/files

Kind regards,

Job

On Wed, Sep 20, 2023 at 03:33:50PM -0700, [email protected] wrote:
> Internet-Draft draft-ietf-opsawg-9092-update-03.txt is now available. It is a
> work item of the Operations and Management Area Working Group (OPSAWG) WG of
> the IETF.
> 
>    Title:   Finding and Using Geofeed Data
>    Authors: Randy Bush
>             Massimo Candela
>             Warren Kumari
>             Russ Housley
>    Name:    draft-ietf-opsawg-9092-update-03.txt
>    Pages:   26
>    Dates:   2023-09-20
> 
> Abstract:
> 
>    This document specifies how to augment the Routing Policy
>    Specification Language inetnum: class to refer specifically to
>    geofeed data files and describes an optional scheme that uses the
>    Resource Public Key Infrastructure to authenticate the geofeed
>    datafiles.
> 
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-ietf-opsawg-9092-update/
> 
> There is also an HTMLized version available at:
> https://datatracker.ietf.org/doc/html/draft-ietf-opsawg-9092-update-03
> 
> A diff from the previous version is available at:
> https://author-tools.ietf.org/iddiff?url2=draft-ietf-opsawg-9092-update-03
> 
> Internet-Drafts are also available by rsync at:
> rsync.ietf.org::internet-drafts
> 
> 
> _______________________________________________
> OPSAWG mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/opsawg

_______________________________________________
OPSAWG mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/opsawg

Reply via email to