Hi Roque,
The draft analyses all possible attacks (theoretically possible, and
possible in practice) and also mentions "if fields *were*
human-readable...", but puts focus on the SEND real-world scenarios. For
example, we've mentioned pre-image attacks although they are not
theoretically possible, but we've of course put focus on collision
attacks. The same thing holds for the human-readable fields.
Anyway, the WGLC was closed on 8th February.
Ana
Roque Gagliano wrote:
Hi,
I was starting to review this draft and I realized that most of
Section 3.2 is based on "human readable" information.
In SEND, we are not identifying people but functions in equipment, so
I am not sure I share how the section is written. Moreover, the cert.
profile document particularly requests that names should be
"meaningless" in RPKI. This is to avoid any sort of legal issues.
So, a certificate with a bizarre CN could still be valid for SEND.
Please check this website with valid RPKI certificates:
http://rpki.he.net/
All in all, I believe we should not take for granted that the
distinguished name field for either the subject or the issuer of a
SEND certificate should always be human readable.
Regards,
Roque
------------------------------------------------------------------------
_______________________________________________
CGA-EXT mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/cga-ext