Hi Randy, Good point, and I have to admit that I don't have a clear picture of this yet (there is definitely a part on me there..). But in any case if we are to support signing router certificates in a hosted solution, then it's important that that improves.
So I would be very happy to hear about this. Tim > On 02 Nov 2015, at 10:54, Randy Bush <[email protected]> wrote: > > this should have answered all comments > > in addition, a major change. previous drafts naïvely assumed the router > could send a PKCS#10 to the relevant RPKI CA. this ignored how the CA > would know the request was authentic. oops! now, the operator has to > mediate the conversation. i am willing to take five minutes of floor > time to discuss/explain this. > > randy > > _______________________________________________ > sidr mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/sidr _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
