Thanks Andy. Do you think we need to add something in the security section about the transition?
Something like: "A RP that performs a strick validation based on RFC6487 and fails to support the updates described in this document, would incorrectly invalidate RPKI signed objects that implements the changes in Section 2. At the time of this writing, all known RP software suites (you can mention them as in IDR) were tested and supported the updates on this document" Roque On Jul 15, 2013, at 7:07 PM, Andy Newton <[email protected]> wrote: > On 7/15/13 10:22 AM, "Roque Gagliano (rogaglia)" <[email protected]> > wrote: > >> Before sending my support to advance to the IESG, I wanted to ask the >> author if they have tested the effects of this change on existing RP >> tools. Do they really set the certificate as invalid? > > Yes, we have tested against the three RP suites. One did not require a > change while the other two required simple one line changes. Current > releases of all three now accommodate it. > > -andy >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
