Re: [sidr] TA document review

To: Roque Gagliano <roque at lacnic.net>
Subject: Re: [sidr] TA document review
From: Robert Kisteleki <robert at ripe.net>
Date: Sun, 08 Nov 2009 12:03:51 +0900
Cc: George Michaelson <ggm at apnic.net>, "sidr at ietf.org" <sidr at ietf.org>
Delivered-to: sidr at core3.amsl.com
In-reply-to: <3BEFC2E4-B923-4485-951C-B743CEADF444 at lacnic.net>
List-archive: <http://www.ietf.org/mail-archive/web/sidr>
List-help: <mailto:sidr-request@ietf.org?subject=help>
List-id: Secure Interdomain Routing <sidr.ietf.org>
List-post: <mailto:sidr@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
Organization: RIPE NCC
References: <4AF291C2.6000103 at ripe.net> <85B2D08D-62B3-4CDA-B8BA-E2357AEAE805 at apnic.net> <3BEFC2E4-B923-4485-951C-B743CEADF444 at lacnic.net>
User-agent: Thunderbird 2.0.0.23 (Macintosh/20090812)

Roque Gagliano wrote:

2.1.  A Compound Trust Anchor Structure
The ETA issues a CRL and one EE certificate.(Roque) I believe it needs to be explained that more than one ETA EEcert may be issued during the life-time of the ETA CA however at anyparticular moment there is only one valid EE cert.

In light of the recent discussion, this is not necessarily true. If (I mean,if) the solution to multiple RTAs is multiple CMS objects, then ther wil bemultiple ETA EEs. Note that I'm not in favor of that solution, but we're notyet in solution space.

5.  Relying Party use of Trust Anchor Material

      *  The ETA's CRL and CMS objects are retrieved from the
         publication point referenced by the SIA in the ETA certificate.
(Roque) s/CMS objects/CMS object


Probably not, see above. There may be multiple CMS objects and one CRL.

Robert

References:
- [sidr] TA questions
  - From: Robert Kisteleki
- Re: [sidr] TA questions
  - From: George Michaelson
- [sidr] TA document review
  - From: Roque Gagliano

Prev by Date: Re: [sidr] draft-pmohapat-sidr-pfx-validate-03.txt as SIDR WG document
Next by Date: Re: [sidr] draft-pmohapat-sidr-pfx-validate-03.txt as SIDR WG document
Previous by thread: [sidr] TA document review
Next by thread: [sidr] IETF 76 SIDR WG Agenda
Index(es):
- Date
- Thread

Re: [sidr] TA document review

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.