WG co-chair hat OFF This is a posting made in my role as a document co-author, and not as a co-chair of the WG
In reviewing the manifest document I notice that the document in its current version defines a manifest as an RPKI construct. I have two questions about this: 1. Should the manifest document be constrained in this manner as being exclusively an RPKI construct, or should the reference to exclusive use by the RPKI be removed such that the manifest is defined in a manner that is agnostic to the context of the PKI in which the manifest may be used, so that any CA may use a manifest? 2. In the context of the RPKI should the manifest document used a SHOULD to specify that the resources in the RPKI EE certificate used to validate the manifest's signature be specified using the inherit bit setting of the RFC3779 extensions? Do any of the document's co-authors, or any WG folk, have an opinion of either or both of these questions that they'd like to share? thanks, Geoff WG co-chair hat OFF _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
