Yep, in this particular case it means the same thing as an English word and as a requirement. I'd personally have a slight preference for "MAY", as it is more assertive in granting permission, but the authors can do what they want.
-Tim From: Russ Housley <[email protected]> Sent: Saturday, January 27, 2024 2:46 PM To: Tim Hollebeek <[email protected]> Cc: Randy Bush <[email protected]>; IETF SecDir <[email protected]>; [email protected]; [email protected]; [email protected] Subject: Re: [secdir] Secdir last call review of draft-ietf-opsawg-9092-update-09 Tim: (2) Section 6, paragraph 5: is this intended to be a RFC 2119 "MAY"? If so, capitalize. If not, avoid the word. took me a moment. i think it is para 6, this one, yes? It is good key hygiene to use a given key for only one purpose. To dedicate a signing private key for signing a geofeed file, an RPKI Certification Authority (CA) may issue a subordinate certificate exclusively for the purpose shown in Appendix A. that 'may' should probably be 2119ed. russ, opinion? I actually think this is fine either way. In this case, the text is saying that an RPKI CA might choose to create a subordinate CA solely for issuing these certificates. Russ
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
