Hi all,
I have already had some informal discussions about this and decided to write
our ideas up in a informational draft:
http://www.ietf.org/internet-drafts/draft-tbruijnzeels-sidr-validation-local-cache-00.txt
I will do a short talk on this during today's sidr session to explain the
background. Further discussion can then be done on list.
For the impatient, the gist:
In our view this approach demonstrates a way to do top-down RPKI validation
that is independent from *where* objects were retrieved and thus it is useful
when thinking about multiple publication points, or alternative ways to fetch
or share unvalidated objects.
The main question for the working group is wether we're willing to change the
way RPs can handle manifest, i.e. MAY they treat them as authoritative sources
to walk down the rpki tree?
Cheers
Tim
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
