"This document was adopted as a WG work item, should we accept this change and complete the work or not?"
Yes. I believe this change in the validation algorithm improves the operational robustness of the RPKI.
If the WG chairs find themselves uncertain about the consensus on this quesiton, it might be helpful to ask ourselves: if we had chosen a certificate structure other than X.509, perhaps even something invented specifically for the purpose, would we be hesitating to make this change? At the very least, that could bring the discussion back to specific operational issues, which would, IMHO, be a good focus for it.
Hopefully the chairs will see a consensus without needing to ask that question - the discussion I've read here suggests to me that we have at least a rough consensus.
-- Sam _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
