Tim: >> (2) Section 6, paragraph 5: is this intended to be a RFC 2119 "MAY"? >> If so, capitalize. If not, avoid the word. > > took me a moment. i think it is para 6, this one, yes? > > It is good key hygiene to use a given key for only one purpose. To > dedicate a signing private key for signing a geofeed file, an RPKI > Certification Authority (CA) may issue a subordinate certificate > exclusively for the purpose shown in Appendix A. > > that 'may' should probably be 2119ed. russ, opinion?
I actually think this is fine either way. In this case, the text is saying that an RPKI CA might choose to create a subordinate CA solely for issuing these certificates. Russ
_______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg