The draft draft-ietf-sidr-rpki-validation-reconsidered speaks forcefully of the potential for damage if a certificate over claims, i.e., claims more resources than its parent. The draft discusses how that could result from a failure of timing in a transfer of resources.
In a presentation in the November 2014 IETF session on this topic, it was suggested that discussion of "a standard procedure for certificate management during resource transfer” and "current CA operational procedures for managing transfers” would help in the reconsideration of the validation algorithm. A draft was submitted and discussed at the last meeting. https://tools.ietf.org/html/draft-ymbk-sidr-transfer But no comments have been received. This is an important topic, folks, and deserves our attention. Please do read the draft and comment. —Sandy
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
