On Tue, 07 Aug 2007 08:02:24 -1000 Randy Bush <[EMAIL PROTECTED]> wrote:
> [ imiho, it is strange and ill-mannered that this thread has been > moved off the rescert list. this should rectify that. ] The issue came up in an IETF WG. The document in question is going into IETF WG process. I think the primary driver here is going to be WG consensus. > > the last three times we went around this discussion (were you not on > the other side?), we agreed that, for the exceedingly rare cases > where an issuer might want a bit to expire at a time other than the > rest of the resources, there was always reissue and revoke. That does not directly affect why I believe we need multiple signatures on a ROA. I'm finding this a bit of a non-sequiteur. What part of what I wrote related to lifetimes? > > this is not to say that i believe that different lifetimes for a > resource subset from one issuer to one subject is operationally > useful. i think it is yet one of a large and uninteresting set of > "wow, we could have a nice feature someone might use someday." but I was not addressing different lifetimes. I believe we need to encompass ROAs with multiple signatures over them because we will not be able to always ensure that resources lie under one trust anchor path, and yet want to create signings over more efficient prefixes. > > as, i think it was, steve kent said, this is already complex enough. > and complexity and security protocols do not make good bedfellows. The amount of complexity that is introduced by defining multiple signatures is understood: It is purposeful. I don't believe its avoidable. -George > > randy > _______________________________________________ Sidr mailing list [email protected] https://www1.ietf.org/mailman/listinfo/sidr
