Hi, Some comments:
1) Section 2.5: I believe we should remove the reference to DNSSEC root key signing in section 2.5, different scenario here and there.
2) Section 2.6: I would like that the last paragraph from section 2.5 be included in this section, because de "various registry" space is the "ERX space". Also, In the figure 1, I know it is just an example but LACNIC only has ERX space from /8 where ARIN and APNIC are majority, so just to keep it "real" I will suggest replacing RIPE by APNIC.
3) Trust Anchor Material. I believe we agreed to include the description of the trust anchor material in the arch document, I cant find it here. Is it though for a new revision?
Regards, r. On Nov 3, 2008, at 3:45 PM, [EMAIL PROTECTED] wrote:
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Secure Inter-Domain Routing Working Group of the IETF.Title : An Infrastructure to Support Secure Internet RoutingAuthor(s) : M. Lepinski, S. Kent Filename : draft-ietf-sidr-arch-04.txt Pages : 27 Date : 2008-11-03 This document describes an architecture for an infrastructure to support improved security of Internet routing. The foundation of this architecture is a public key infrastructure (PKI) that represents the allocation hierarchy of IP address space and Autonomous System Numbers; and a distributed repository system for storing and disseminating the data objects that comprise the PKI, as well as other signed objects necessary for improved routing security. As an initial application of this architecture, the document describes how a holder of IP address space can explicitly and verifiably authorize one or more ASes to originate routes to that address space. Such verifiable authorizations could be used, for example, to more securely construct BGP route filters. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-sidr-arch-04.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. <mime-attachment>_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
