In my comments to Tim and Carlos, I neglected to say that I do think the
WG should
provide a detailed, algorithmic description of the proposed relaxed
validation
procedure.
If the authors produce a suitable description of the procedure, and if
the other
RPKI RP software developers find it reasonable, then I will support the
change.
I also note that relaxed validation rules probably would simplify the
procedure described
in the TAO I-D. I suggest that INR transfer, a topic raised by Sandy
long ago and not
addressed in detail prior to the TAO I-D, should be the topic of a
separate I-D, not
part of the relaxed validation procedure description.
Finally, I assume that the RIRs are not suggesting that errors in cert
issuance are
a good idea; thus I would like to see the revised validation I-D define
procedures
of the sort I described earlier to help CAs detect erroneous cert
issuance and avoid it,
rather than relying solely on relaxed validation by RPs to mitigate the
damage of
such errors.
Steve
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr