-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> Note that this is just a subset of the 3779 ASN.1, so it retains the > advantage of reusing that syntax, and that should make comparison > against the cert used to verify a ROA easier than if we adopt a > different syntax. It allows multiple prefixes to be associated with one > AS in each ROA. I would much prefer to see the prefix/length format in the ROA, just from the operational usefulness and human readability perspectives.... > Additionally, there were suggestions about what controls we should make > available to a ROA signer, to express the semantics of the ROA. The > simplest one, other than my ill-conceived exact match suggestion, was a > proposal by Geoff for a flag to say exact match vs. inclusion. I would really like to see this suggestion incorporated. > There was > also a suggestion from Curtis to allow for a mask length range, e.g., > prefix/len1 [-len2]. Larry enumerated 4 prefix range operators taken > from RPSL, which support even more expressiveness. I'm ambivalent on this one. Either way is fine with me. :-) Russ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGHA9eER27sUhU9OQRAmwtAJ9542ilwQ+MiBUAc+rEMvEINnp5/ACgk0jD MOZIL/7jtsj/Ax9HbjcLE7I= =I9/w -----END PGP SIGNATURE----- _______________________________________________ Sidr mailing list [email protected] https://www1.ietf.org/mailman/listinfo/sidr
