-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ok - I withdraw my comments....
chris
On 14 Mar 2008, at 06.29, Stephen Kent wrote:
> At 1:36 PM -0700 3/13/08, Christopher LILJENSTOLPE wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Stephen,
>>
>> What I was saying is that, if this IS for the protection of the
>> the individual entity hosting the PKI, then to issue a CPS is their
>> call, not ours to specify as a standards action.
>>
>> Either people will grok the risk and make a judgement, or not grok
>> the risk and still make a judgement. Therefore, suggesting that
>> someone embarking on SIDR may want to consider a CPS with their
>> powers-that-be is probably a good-thing(TM) - which is what BCPs
>> are for. However, saying that it is part of doing SIDR, is
>> probably not germane.
>>
>> Now if we are not saying that CPS is required for SIDR, then I
>> humbly withdraw my comments and blame it on a mis-parsing on my part.
>>
>> Chris
>
> Chris,
>
> I do not believe that anyone is suggesting that to be a CA in the
> RPKI you MUST issue a CPS. I believe that each RIR will issue its
> own CPS, and the handful of NIRs that exists probably will as well.
> As for ISPs, bigger ones probably will, but smaller ones may not. In
> general an entity operating a CA (other that for purely internal
> use) should publish a CPS, and RFC 3647 provides a generally
> accepted outline for writing a CP or a CPS.
>
> If an ISP acting as a CA in the RPKI decides to issue a CPS, we can
> make life easier for them by having a published template as a (non-
> normative) starting point. Our experience in doing this in the RIR
> space certainly suggests that is the case, i.e, the work I did for
> APNIC to help complete their CPS benefited greatly from having the
> RIR CPS template as a starting point.
>
> Steve
>
- ---
李柯睿
Check my PGP key here:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xCB67593B
-----BEGIN PGP SIGNATURE-----
iQEcBAEBAgAGBQJH3owjAAoJEGmx2Mt/+Iw/rrEH/04RYju9rD6nn+H/cZBezd26
5ODDeABDQxer1uUwgwkr5JQdvBSjqPpsf8347kiHaCtN/a6Ck2kbp43JQiirxGOL
/5U4kdqJnpxT9fRX2ky7aTP2WIk1jkBV2ZOOVD+kBqg8GlzYHu+oySD/0E/D0ki8
O3rCFDnjVpKWBUXyuUqjBBCCfUvPl0HkXG8jbiprCJammyoP8TnD9oFSbuGJlIOb
hEkdOUfoso445uXi0VgeBcnRbh1fb4AC8e7Tr3dLd6wZp9LD0xtzMEk7xH5SUGSF
z/uBgo7kEsYk8wvCtrpI0jzujyk0AablPZE1RnDFlh5sNT5za6SKW8crYTN00e8=
=1cXY
-----END PGP SIGNATURE-----
_______________________________________________
Sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
