Hi Valery, Can you do me a favor and confirm if all your comments have been addressed by the -08 version (just published) of the document? Thanks.
> On Oct 18, 2025, at 1:15 AM, Valery Smyslov <[email protected]> wrote: > > Hi Russ, > >> Valery: >> >> I suggest: >> >> The Certification Authority (CA) The CA MUST generate a new End Entity > (EE) >> certificate for each signing of a particular prefixlen file. The private > key >> associated with the EE certificate SHOULD sign only one prefixlen file. > That is, >> a new key pair SHOULD be generated for each new version of a particular >> prefixlen file. >> When the EE certificate used in this fashion, it is termed a > "one-time-use" >> EE certificate (see Section 3 of [RFC6487]). > > This works for me. Thank you. > > Regards, > Valery. > >> Russ= > Mahesh Jethanandani [email protected]
_______________________________________________ OPSAWG mailing list -- [email protected] To unsubscribe send an email to [email protected]
