Re: [sidr] CP changes in response to WGLC comments

Wed, 04 Nov 2009 09:53:59 -0800 

Steve -
In general, these changes are fine, and address the naming parent/ child/IANA/RIR/ISP name game issue. 


  One issue which is raised is that a RPKI service provider now may  
be made subject (with one month's notice) to changes to the CP made by  
the IETF.  As the CP specifies operational practices, this has  
potential to be impacting for the RPKI service provider and ISP's  
relying upon such certs.   In order to protect those relying ISPs in  
the case of a CP change which causes RPKI providers to exit the  
business, the 9.12.2 implementation time period to should be long  
enough to allow ISP's to move to an RPKI providers now complying with  
the new CP document.  I'd recommend 6 months advance notice rather  
than one for this reason.


Thanks,
/John


On Nov 4, 2009, at 9:25 AM, Stephen Kent wrote:


Changed status to be Best Current Practice from Informational  
(consistent with eventual BCP designation)



In Section 1.7 revised text (removed references to SIDR WG)

RPKI signed object - Digitally signed data object (other than a
certificate or CRL) declared to be such by a standards track RFC,
and that can be validated using certificates issued under this PKI.

------

Section 1.4.4 revised text (removed references to SIDR WG)


An RPKI signed object is a digitally-signed object, declared to be  
such by a standards track RFC.


-------


Section 9.12.1 revised text (removed reference to RIRs and IANA,  
replaced with IETF)



The procedure for amending this CP is via written notice from the  
IETF in the form of a new Standards Track, BCP RFC that updates or  
obsoletes this document.


------


Sectioon 9.12.2 revised text (removed reference to RIRs and IANA,  
replaced with IETF)



The IETF will provide at least one month's advance notice of any  
changes to this CP.

-------


Section 9.12.3 revised text (removed reference to RIRs and IANA,  
replaced with IETF)



If the IETF judges that changes to the CP do not materially reduce  
the acceptability of certificates issued for RPKI purposes, there  
will be no change to the CP OID. If the IETF judges that changes to  
the CP do materially change the the acceptability of certificates  
for RPKI purposes, then there will be a new CP OID.


Section 13.2 (removed last two informative references)
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr



_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr






















					Reply via email to