On 11/20/08 7:41 PM, "Stephen Kent" <[EMAIL PROTECTED]> wrote:
> If you do not follow the CP that has the OID in the CP that is under
> discussion in SIDR, then you must not issue certs containing that OID
> in the cert policy field. You could issue certs with a different
> policy OID, or with no policy OID. Niether would meet the criteria
> for RPKI Certs, and thus should be rejected by compliant relying
> party software.
Steve,
This explanation helps my understanding significantly. Thanks.
Regarding the rejection by complaint relying party software: this is because
the validation step includes looking for the specific OID assigned by the CP
draft? In other words, if another CP assigned another OID and the relying
party software could be configured to additionally accommodate said OID,
then this specification suite could be used in a slightly different context?
-andy
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
