Steve, Am I correct assuming that the OID will be assigned once the I-D becomes an RFC?
But I find it rather strange that cp(14) is not registered as well. Has it not been used in the pkix context? Thanks, Andrei Stephen Kent wrote on 21-11-2008 01:41: > Andy, > > In looking through the SIDR archives (since I am not getting messages > directly from the list) I saw the following posting: > >> Incidentally, I thought I heard Russ Housley say at the mike that the >> cert format says what CP appliels and it points to this CP. If I >> understand, using a different CP means changing the cert format. Am I >> wrong? >> I see the following, which I presume is what Russ was referring to: >> >> 3.9.8. Certificate Policies >> >> This extension MUST reference the Resource Certificate Policy, using >> the OID Policy Identifier value of "1.3.6.1.5.5.7.14.2". This field >> MUST be present and MUST contain only this value for Resource >> Certificates. >> >> No PolicyQualifiers are defined for use with this policy and thus >> none must be included in this extension. >> >> This extension MUST be present and it is critical. > > If you do not follow the CP that has the OID in the CP that is under > discussion in SIDR, then you must not issue certs containing that OID in > the cert policy field. You could issue certs with a different policy > OID, or with no policy OID. Niether would meet the criteria for RPKI > Certs, and thus should be rejected by compliant relying party software. > > Steve > _______________________________________________ > sidr mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/sidr _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
