On 27/04/10 12:24 PM, "Rob Austein" <s...@isc.org> wrote:
> I'm writing to propose that we remove all use and mention of TLS from
> the RPKI "up-down" protocol described in the (expired) draft
> draft-ietf-sidr-rescerts-provisioning.
>
I second this, given my observations from October last year
(http://www.ietf.org/mail-archive/web/sidr/current/msg01256.html) and your
operational trials.

However, I'm not sure it should be dropped without providing (noting your
second email) a mechanism to mitigate replay and reorder attacks. Provided
that your timer approach deals with any known attacks and this is adopted as
a defined rule for acceptance of the request, I'll happily acquiesce.

Cheers
Terry