> On Jul 08, 2016, at 09:00, Sean Turner <s...@sn3rd.com> wrote: > > >> On Jul 08, 2016, at 05:35, Tim Bruijnzeels <t...@ripe.net> wrote: >> >> Stephen Kent comment on -04 of this document saying that it should not >> attempt to update the BGPSec Router Certificate I-D because it's not an RFC, >> just yet. It's currently in IESG Processing. The current document therefore >> has a request and some suggestion to the authors to change the document (in >> which case the section can be deleted in the next (hopefully final) version >> of this document. >> >> I don't mind either way. Maybe the chairs have an idea about what the best >> process is. But in either case we would like to ask the BGPSec Router >> Certificate authors to review the included text. > > Tim, > > Just so I’m following along: > > - This draft replaces the text in RFC 6487 s7.2 so should > rpki-validation-reconsidered draft include the “Updates: 6487 (if approved)” > header? My understanding is that the proposal is that all RPKI validators > follow these new steps so that would make sense process wise.
I would like to propose that sidr-rpki-validation-reconsidered include an updates header, i.e., “Updates: 6487 (if approved)”, be included on the 1st page of the draft in the appropriate location. Of the options presented in the change below for sidr-bgpsec-pki-profiles, I’d like to rely on the change proposed above and not make the OLD/NEW changes I proposed below, i.e., I am suggesting making no changes to the introductory text in s3.3 of sidr-bgpsec-pki-profiles to refer to sidr-rpki-validation-reconsidered because it’s an unnecessary change. Steve’s suggested some other edits a a result of this thread and rpki-validation-reconsidered, so if the chairs direct me I can upload a new version of sidr-bgpsec-pki-profiles. Since AD review hasn’t really happened yet, maybe we can treat these as late, but timely WGLC comments? spt > - bgpsec-pki-profiles s3.3 currently refers to RFC 6487 s7 for validation > procedures and technically if rpki-validation-reconsidered updates RFC 6487 > when bgpsec-pki-profiles refers to RFC 6487 it includes those references so I > wouldn’t necessarily have to add a explicit reference to > rpki-validation-reconsidered … but people will forget this and miss the > update and I know Wes hates chasing references ;) So, to drive this point > home we could do the following tweak in addition to adding your suggested > bullet and separate-certificate per ASN suggestion: > > OLD: > > The validation procedure used for BGPsec Router Certificates is > identical to the validation procedure described in Section 7 of > [RFC6487], but using the constraints applied come from this > specification. > > NEW: > > The validation procedure used for BGPsec Router Certificates is > identical to the validation procedure described in Section 7 of > [ID.sidr-rpki-validation-reconsidered], but using the constraints > applied come from this specification. > > Note I’d probably also add ID.idr-rpki-validation-reconsidered to the > required reading list in the terminology section :/ > > spt _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr
