Dear working group, Following working group feedback from the session in Berlin, and on list, this new version now includes new OIDs to make the choice of validation algorithm explicit. The OIDs were not requested from IANA yet, because I first want to make sure that the text and structure as written is correct. This version also contains a suggested deployment time line, essentially requiring RP software to support this within a reasonable timeframe, and allowing CAs to opt-in to this algorithm.
We hope that this addresses the remaining concerns that were raised. Kind regards Tim Bruijnzeels > On 03 Oct 2016, at 13:55, [email protected] wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the Secure Inter-Domain Routing of the IETF. > > Title : RPKI Validation Reconsidered > Authors : Geoff Huston > George Michaelson > Carlos M. Martinez > Tim Bruijnzeels > Andrew Lee Newton > Daniel Shaw > Filename : draft-ietf-sidr-rpki-validation-reconsidered-07.txt > Pages : 21 > Date : 2016-10-03 > > Abstract: > This document proposes an update to the certificate validation > procedure specified in RFC 6487 that reduces aspects of operational > fragility in the management of certificates in the RPKI, while > retaining essential security features. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-sidr-rpki-validation-reconsidered/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-ietf-sidr-rpki-validation-reconsidered-07 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-sidr-rpki-validation-reconsidered-07 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > sidr mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/sidr _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
