Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-08.txt

Randy Bush <randy@psg.com> Wed, 08 October 2014 06:48 UTC

Date: Wed, 08 Oct 2014 02:48:08 -0400
Message-ID: <m2r3yjhxav.wl%randy@psg.com>
From: Randy Bush <randy@psg.com>
To: Sean Turner <TurnerS@ieca.com>
In-Reply-To: <8BFAD7DD-7CEA-4720-86BB-09407C6C543D@ieca.com>
References: <20140813004442.10560.45299.idtracker@ietfa.amsl.com> <B97A6E28-4EDB-4EC5-B8DA-9803C7B21900@ieca.com> <4556FA63-A6FD-471B-93FD-51D748C94EE8@tislabs.com> <8BFAD7DD-7CEA-4720-86BB-09407C6C543D@ieca.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/sidr/w0WLrH6Bzz6QuMQhdzb9w11S5YU
Cc: sidr wg list <sidr@ietf.org>, Sandra Murphy <Sandy@tislabs.com>
Subject: Re: [sidr] I-D Action: draft-ietf-sidr-bgpsec-pki-profiles-08.txt

> Yep the issuer always gets to determine the subject name as per RFC
> 6487 s4.5 so how about we just leave that bit out and make that
> sentence a note:
> 
>   Note that more than one certificate can be issued to
>   an AS (i.e., more than one router can get a certificate
>   for the AS and hence the private key is shared among
>   more than one router).
> 
> I guess the follow-on question is whether we also point out that a
> router could support more than one AS by having key pairs for each
> AS:
> 
>   Also note that routers can support multiple ASs with
>   separate key pairs, one for each AS.
> 
> or something like that?

i think i understand it and it makes sense.  though i would tersify it
to

   Routers can support multiple ASs with
   separate key pairs, one for each AS

:)

randy