At 6:18 AM -0400 3/24/12, Christopher Morrow wrote:
<crickets>
Hey folk,
Is this draft stating something obvious and doesn't need to be
documented? or are we in need of this doc to keep us all on the same
page (us == ops + vendors) as to getting a cert created and installed
on our lovely devices?
If people could take a few minutes to read the 4 pages (minus
boilerplate) and think/comment that would be nice.
(for the record, it seems like documenting this is a good thing, from
my perspective.)
-chris
I think these issues need to be documented somewhere. It's helpful
to note motivations for central key generation (e.g., quick restoral
of service when a router fails and hardware is replaced), which
might otherwise be lost. Finally, we're working on a new cert provisioning
protocol in PKIX and this provides a basis for making sure this capability
is part of that protocol.
That said, it might make sense to combine this doc and the key rollover
doc that is another individual submission, of we want to reduce the
number of distinct SIDR docs.
Steve
_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
