> On Jul 08, 2016, at 05:35, Tim Bruijnzeels <[email protected]> wrote: > > Stephen Kent comment on -04 of this document saying that it should not > attempt to update the BGPSec Router Certificate I-D because it's not an RFC, > just yet. It's currently in IESG Processing. The current document therefore > has a request and some suggestion to the authors to change the document (in > which case the section can be deleted in the next (hopefully final) version > of this document. > > I don't mind either way. Maybe the chairs have an idea about what the best > process is. But in either case we would like to ask the BGPSec Router > Certificate authors to review the included text.
Tim, Just so I’m following along: - This draft replaces the text in RFC 6487 s7.2 so should rpki-validation-reconsidered draft include the “Updates: 6487 (if approved)” header? My understanding is that the proposal is that all RPKI validators follow these new steps so that would make sense process wise. - bgpsec-pki-profiles s3.3 currently refers to RFC 6487 s7 for validation procedures and technically if rpki-validation-reconsidered updates RFC 6487 when bgpsec-pki-profiles refers to RFC 6487 it includes those references so I wouldn’t necessarily have to add a explicit reference to rpki-validation-reconsidered … but people will forget this and miss the update and I know Wes hates chasing references ;) So, to drive this point home we could do the following tweak in addition to adding your suggested bullet and separate-certificate per ASN suggestion: OLD: The validation procedure used for BGPsec Router Certificates is identical to the validation procedure described in Section 7 of [RFC6487], but using the constraints applied come from this specification. NEW: The validation procedure used for BGPsec Router Certificates is identical to the validation procedure described in Section 7 of [ID.sidr-rpki-validation-reconsidered], but using the constraints applied come from this specification. Note I’d probably also add ID.idr-rpki-validation-reconsidered to the required reading list in the terminology section :/ spt _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
