I read the draft. A few comments:

1. RPKI validation refers to checking cryptographic integrity of the RPKI objects such as certs, ROAs, etc. What you intend to signal from RS to peers is prefix-origin validation results (RFC 6811).
   s/RPKI validation results/ prefix-origin validation results/g

2. "Route-servers providing RPKI-based route origin validation set the validation state according to the RPKI validation result (see [I-D.ietf-sidr-rpki-validation-reconsidered])." (in Section 2)
   The reference cited here is incorrect. It should be RFC 6811. RFC 6811 defines the prefix-origin validation states and also provides the validation algorithm.

3. How do you signal that the RS did not perform validation on an update (for whatever reason)? Is that implicitly conveyed when the "Prefix Origin Validation State Extended Community" is absent in the update forwarded to peers? Maybe it needs to be said in the draft. For instance, 'Not Found' should not be used as default value in the extended community. 'Did not perform validation' should not be equated to 'Not Found'.

Sriram
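
Added example (not part of the message above or of the draft under review): a Python sketch of the RFC 6811 prefix-origin validation procedure in which "did not perform validation" is a separate outcome (`None`, meaning no state is attached to the update) instead of being folded into "Not Found". The `VRP` tuple, the function names and the sample prefixes and AS numbers are constructed for illustration; the numeric state values are those of RFC 8097, which the message does not cite.

```python
import ipaddress
from enum import IntEnum
from typing import Iterable, NamedTuple, Optional


class State(IntEnum):
    # Numeric values as encoded by RFC 8097 (assumption: not cited on the page).
    VALID = 0
    NOT_FOUND = 1
    INVALID = 2


class VRP(NamedTuple):
    """Validated ROA Payload: the (prefix, max length, origin AS) triple of RFC 6811."""
    prefix: str
    max_length: int
    asn: int


def validate_origin(prefix: str, origin_asn: Optional[int], vrps: Iterable[VRP]) -> State:
    """RFC 6811 procedure. origin_asn=None models an AS_SET origin ("NONE")."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp in vrps:
        net = ipaddress.ip_network(vrp.prefix)
        # A VRP covers the route if the route prefix lies inside the VRP prefix.
        if net.version != route.version or not route.subnet_of(net):
            continue
        covered = True
        # Match: same origin AS (AS 0 never matches) and length within max length.
        if vrp.asn != 0 and vrp.asn == origin_asn and route.prefixlen <= vrp.max_length:
            return State.VALID
    return State.INVALID if covered else State.NOT_FOUND


def state_to_signal(prefix: str, origin_asn: Optional[int],
                    vrps: Optional[Iterable[VRP]]) -> Optional[State]:
    """Hypothetical route-server helper: vrps=None means validation was not run.
    In that case return None so that no state is signalled at all."""
    if vrps is None:
        return None
    return validate_origin(prefix, origin_asn, vrps)


# Constructed sample data (documentation prefixes and AS numbers).
SAMPLE_VRPS = [
    VRP("192.0.2.0/24", 24, 64496),
    VRP("2001:db8::/32", 48, 64496),
]
```

A receiver can then tell "no covering VRP" (`State.NOT_FOUND`) apart from "the route server did not validate this update" (`None`, nothing attached).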
