i had to do some ascii porn for rob to deal with a secdir reviewer for
draft-ietf-sidr-publication. it may help here. i added the routers for
this discussion.
+--++--++--+
| CA || CA || CA |
+--++--++--+
|
Stephen,
Please see response below.
>From: sidr on behalf of Stephen Farrell
>
>Sent: Wednesday, January 4, 2017 4:45 PM
>To: Montgomery, Douglas (Fed); Russ Housley
>Hiya,
>On 04/01/17 21:39, Montgomery, Douglas (Fed) wrote:
>> The RPKI
Stephen,
Please see responses inline below.
>>[Sriram] Signer's ASN is indeed included in the signed data.
>> In Figure 8, "Secure_Path Segment : N" corresponds
>> to the signing AS (current AS) and that is where the
>> signer's ASN is included along with its pCount and Flags.
>Hmm. That's the
Hiya,
On 04/01/17 21:39, Montgomery, Douglas (Fed) wrote:
> The RPKI validating caches *are* the relaying parties for BGPsec, they are
> (a) designed to be run on a separate box than the router itself and (b)
> their behavior WRT exchanges with RPKI repositories is independent of BGP
> message
The RPKI validating caches *are* the relaying parties for BGPsec, they are
(a) designed to be run on a separate box than the router itself and (b)
their behavior WRT exchanges with RPKI repositories is independent of BGP
message processing by any of the routers that they serve.
Maybe the first
Stephen Farrell has entered the following ballot position for
draft-ietf-sidr-bgpsec-protocol-21: Discuss
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer