Re: [sidr] am I missing something?

Thu, 06 Nov 2008 13:03:45 -0800 


On Fri, 24 Oct 2008, Terry Manderson wrote:


I was re-reading draft-ietf-sidr-res-certs-13 to get something clear in my 
head about SIA values and I got wildly side-tracked.


in section 1, it says:


"In the context of the public Internet, and the use of public number 
resources within this context, it is intended that Resource Certificates are 
used in a manner that is explicitly aligned to the public number resource 
distribution function"



My impression is that the allocation chain goes IANA->RIR->NIR/LIR->ORG. And 
for legacy space there is a IANA->ORG structure. That is the way public 
numbers are distributed, yes?



Wouldn't/Shouldn't there be a request for IANA to sign over "stuff" in the 
IANA considerations section? (or have I got the purpose of that section 
completely wrong?)


One clarification in res-cert-14 (section 1, page 4-5) indicates:


   While this profile describes the structure of a default Trust Anchor
   for this PKI, Relying Parties (RPs) in this PKI are free to select
   the trust anchors upon which they rely, and thus the PKI as viewed by
   RPs need not match the public resource allocation hierarchy as
   described here.


So while the intent of the RPKI is to mirror the allocation hierarchy, the 
relying party may select a trust anchor that is not the IANA, so the RPKI 
mirrors only the allocation relationship of the public resource allocation 
hierarchy, not necessarily the tree itself with IANA at the apex.




There's no requirement that IANA sign anything (or any requirement that 
any other part of the existing public resource allocation hierarchy sign 
anything), so there's no need for an IANA considerations section.


Does that clear up your question?

--Sandy




Apologies for the newbie-ness of the question.

Terry

Speaking for Terry, I don't get to speak for anyone else.. and sometimes not 
even me! (just don't ask ;)

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr

_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr






















					Reply via email to