IETF Logo Mail Archive

Re: [sidr] Simpler trust anchor format

Robert Kisteleki <robert@ripe.net> Thu, 10 June 2010 17:48 UTC

Return-Path: <robert@ripe.net>
X-Original-To: sidr@core3.amsl.com
Delivered-To: sidr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4780228C10D for <sidr@core3.amsl.com>; Thu, 10 Jun 2010 10:48:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9PeUHc+9VOj1 for <sidr@core3.amsl.com>; Thu, 10 Jun 2010 10:48:07 -0700 (PDT)
Received: from postlady.ripe.net (postlady.ipv6.ripe.net [IPv6:2001:610:240:11::c100:1341]) by core3.amsl.com (Postfix) with ESMTP id D9FD03A6917 for <sidr@ietf.org>; Thu, 10 Jun 2010 10:48:06 -0700 (PDT)
Received: from dodo.ripe.net ([193.0.1.102]) by postlady.ripe.net with esmtps (TLSv1:AES256-SHA:256) (Exim 4.63) (envelope-from <robert@ripe.net>) id 1OMlrF-00051X-Ru for sidr@ietf.org; Thu, 10 Jun 2010 19:48:07 +0200
Received: from vifa-1.office-lb-1.ripe.net ([193.0.1.5] helo=Kistel-Mac.local) by dodo.ripe.net with esmtp (Exim 4.63) (envelope-from <robert@ripe.net>) id 1OMlrF-0002uF-Ji for sidr@ietf.org; Thu, 10 Jun 2010 19:48:01 +0200
Message-ID: <4C112550.3030806@ripe.net>
Date: Thu, 10 Jun 2010 10:48:00 -0700
From: Robert Kisteleki <robert@ripe.net>
Organization: RIPE NCC
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-GB; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: sidr@ietf.org
References: <alpine.BSF.2.00.1006062239350.39651@fledge.watson.org>
In-Reply-To: <alpine.BSF.2.00.1006062239350.39651@fledge.watson.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-RIPE-Signature: 72e00e6d7601fa19264e98abc238a2746d55eb9d9dd7a68500cd3c03f28ec352
X-RIPE-Spam-Level: ----
X-RIPE-Signature: 72e00e6d7601fa19264e98abc238a2746d55eb9d9dd7a68500cd3c03f28ec352
Subject: Re: [sidr] Simpler trust anchor format
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Jun 2010 17:48:08 -0000

On 2010.06.06. 21:21, Samuel Weiler wrote:
> I just submitted an i-d documenting a much simpler trust anchor format
> than the one in the current WG draft. Like the format in the WG doc,
> this one allows for a long-lived trust anchor even though the unlying
> certificate changes more often, e.g. when new resources are added. This
> format has the advantage of being noticeably simpler.
>
> I encourage the WG to adopt this format in place of the one in the
> current WG doc.
>
> -- Sam
>

My friend grep tells me I should support the adoption of this document.

Robert

v2.23.0 | Report a Bug | By Email