The options for documenting this aspect of distinguished name structure for the RPKI are to place this in either the CP, the architecture, or the certificate profile documents.
It is important to think about this from the perspective of a future reader of the RPKI documents. In that context, it seems to me that this is clearly a profile constraint, and thus should be with the other format constraints over names and structural elements in the certificate profile draft. Therefore, I wish to advocate to the WG that this name constraint for both Issuer, and Subject names in RPKI certificates be documented in the res-cert profile document. Sorry for a late addition to this document in WGLC Steve, but I think this is necessary. cheers -George _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
